2022-07-01 (FRIDAY) - MONSTER LIBRA (TA551) SVCREADY INFECTION

NOTES:

ASSOCIATED FILES:

 

INDICATORS

MALWARE:

SHA256 hash: d75077838fc33ec2769f958b1035346cd67da083f77a2edaa01375b19ba960b2

SHA256 hash: 6cbe0e1f046b13b29bfa26f8b368281d2dda7eb9b718651d5856f22cc3e02910

SHA256 hash: 64ea06acffb3905ff1f7255d45f8f333821bce10f6c40ab8121af72d74706907

INFECTION TRAFFIC DOMAINS/IP ADDRESSES:

INFECTION TRAFFIC URLS:

 

IMAGES


Shown above:  Chain of events for this SVCready infection.

 


Shown above:  Word document with macros for SVCready.

 


Shown above:  Scheduled task and malware/artifacts from the infection.

 


Shown above:  Traffic from the infection filtered in Wireshark.

 


Shown above:  TCP stream of SVCready C2 traffic.

 
