Skip to content

FENRIR 0.5 - Energetic Bear Release

Compare
Choose a tag to compare
@Neo23x0 Neo23x0 released this 23 Apr 11:11
· 3 commits to energeticbear since this release
  • Prepared to detect the IOC reported by Kaspersky in recent Energetic Bear report

https://securelist.com/energetic-bear-crouching-yeti/85345/

screen shot 2018-04-23 at 13 07 33

I used pretty specific strings extracted from the WSO shells for the string match detection:

screen shot 2018-04-23 at 13 02 16
screen shot 2018-04-23 at 13 02 31