├── APT12 ├── 2384c8ce-6eca-4d06-8aa4-151b53d9a6bc.ioc └── README.md ├── APT17 ├── 7b9e87c5-b619-4a13-b862-0145614d359a.ioc └── README.md ├── APT18 ├── 0ae061d7-c624-4a84-8adf-00281b97797b.ioc └── README.md ├── APT28 ├── 0ff58bf9-1c07-42f6-b135-b18c139f631a.ioc ├── README.md ├── a438caeb-96dd-4225-853c-fc5910980961.ioc ├── a6c6dbf0-d72a-4f07-8b11-55527aef4755.ioc ├── bdf7929c-3f0b-4fdd-bcc5-b4a82554ad92.ioc └── e1cbf7ca-4938-4d3c-a7e6-3ff966516191.ioc ├── APT3 ├── 62f65dae-9475-44b0-a9eb-c1baebbd9885.ioc ├── README.md └── db0b6ac6-874a-498e-892b-ac7c2020e061.ioc ├── APT30 ├── README.md └── eeffc8e8-caee-4fe1-8ace-7a994b5d893f.ioc ├── BlogPosts ├── 0b879284-0c37-4bfa-9dd8-34505a9c5175.ioc ├── 113e561e-60d2-48db-979d-02f207550125.ioc ├── 4fdb0f45-8151-4941-a9e1-a31e21000659.ioc ├── 5a8d6878-2649-4ddc-a1f6-c98932a54f91.ioc ├── 6037663c-680c-4a28-ad58-40622d206e1d.ioc ├── 60a6de64-7308-4af1-9003-dc23a73fdf01.ioc ├── 6bb9ce5b-94c1-4733-8bb8-dc5be775b190.ioc ├── 9a7a6929-25ea-4254-a300-13fd6b39c490.ioc ├── 9cee306d-5441-4cd3-932d-f3119752634c.ioc ├── README.MD ├── b513e829-b023-426a-b7d4-accd511be3c0.ioc ├── de99badf-b448-49e7-885a-4d8688ddf02d.ioc ├── e598231d-8584-4535-a0de-94e822f04c0b.ioc └── operation_poisoned_handover.yara ├── FIN4 ├── MACROCHECK.yara ├── README.md └── fb0699e2-23a6-40f9-bf96-4514d629eec3.ioc ├── LICENSE └── README.md /APT12/2384c8ce-6eca-4d06-8aa4-151b53d9a6bc.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/APT12/2384c8ce-6eca-4d06-8aa4-151b53d9a6bc.ioc -------------------------------------------------------------------------------- /APT12/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/APT12/README.md -------------------------------------------------------------------------------- /APT17/7b9e87c5-b619-4a13-b862-0145614d359a.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/APT17/7b9e87c5-b619-4a13-b862-0145614d359a.ioc -------------------------------------------------------------------------------- /APT17/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/APT17/README.md -------------------------------------------------------------------------------- /APT18/0ae061d7-c624-4a84-8adf-00281b97797b.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/APT18/0ae061d7-c624-4a84-8adf-00281b97797b.ioc -------------------------------------------------------------------------------- /APT18/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/APT18/README.md -------------------------------------------------------------------------------- /APT28/0ff58bf9-1c07-42f6-b135-b18c139f631a.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/APT28/0ff58bf9-1c07-42f6-b135-b18c139f631a.ioc -------------------------------------------------------------------------------- /APT28/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/APT28/README.md -------------------------------------------------------------------------------- /APT28/a438caeb-96dd-4225-853c-fc5910980961.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/APT28/a438caeb-96dd-4225-853c-fc5910980961.ioc -------------------------------------------------------------------------------- /APT28/a6c6dbf0-d72a-4f07-8b11-55527aef4755.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/APT28/a6c6dbf0-d72a-4f07-8b11-55527aef4755.ioc -------------------------------------------------------------------------------- /APT28/bdf7929c-3f0b-4fdd-bcc5-b4a82554ad92.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/APT28/bdf7929c-3f0b-4fdd-bcc5-b4a82554ad92.ioc -------------------------------------------------------------------------------- /APT28/e1cbf7ca-4938-4d3c-a7e6-3ff966516191.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/APT28/e1cbf7ca-4938-4d3c-a7e6-3ff966516191.ioc -------------------------------------------------------------------------------- /APT3/62f65dae-9475-44b0-a9eb-c1baebbd9885.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/APT3/62f65dae-9475-44b0-a9eb-c1baebbd9885.ioc -------------------------------------------------------------------------------- /APT3/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/APT3/README.md -------------------------------------------------------------------------------- /APT3/db0b6ac6-874a-498e-892b-ac7c2020e061.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/APT3/db0b6ac6-874a-498e-892b-ac7c2020e061.ioc -------------------------------------------------------------------------------- /APT30/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/APT30/README.md -------------------------------------------------------------------------------- /APT30/eeffc8e8-caee-4fe1-8ace-7a994b5d893f.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/APT30/eeffc8e8-caee-4fe1-8ace-7a994b5d893f.ioc -------------------------------------------------------------------------------- /BlogPosts/0b879284-0c37-4bfa-9dd8-34505a9c5175.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/BlogPosts/0b879284-0c37-4bfa-9dd8-34505a9c5175.ioc -------------------------------------------------------------------------------- /BlogPosts/113e561e-60d2-48db-979d-02f207550125.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/BlogPosts/113e561e-60d2-48db-979d-02f207550125.ioc -------------------------------------------------------------------------------- /BlogPosts/4fdb0f45-8151-4941-a9e1-a31e21000659.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/BlogPosts/4fdb0f45-8151-4941-a9e1-a31e21000659.ioc -------------------------------------------------------------------------------- /BlogPosts/5a8d6878-2649-4ddc-a1f6-c98932a54f91.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/BlogPosts/5a8d6878-2649-4ddc-a1f6-c98932a54f91.ioc -------------------------------------------------------------------------------- /BlogPosts/6037663c-680c-4a28-ad58-40622d206e1d.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/BlogPosts/6037663c-680c-4a28-ad58-40622d206e1d.ioc -------------------------------------------------------------------------------- /BlogPosts/60a6de64-7308-4af1-9003-dc23a73fdf01.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/BlogPosts/60a6de64-7308-4af1-9003-dc23a73fdf01.ioc -------------------------------------------------------------------------------- /BlogPosts/6bb9ce5b-94c1-4733-8bb8-dc5be775b190.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/BlogPosts/6bb9ce5b-94c1-4733-8bb8-dc5be775b190.ioc -------------------------------------------------------------------------------- /BlogPosts/9a7a6929-25ea-4254-a300-13fd6b39c490.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/BlogPosts/9a7a6929-25ea-4254-a300-13fd6b39c490.ioc -------------------------------------------------------------------------------- /BlogPosts/9cee306d-5441-4cd3-932d-f3119752634c.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/BlogPosts/9cee306d-5441-4cd3-932d-f3119752634c.ioc -------------------------------------------------------------------------------- /BlogPosts/README.MD: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/BlogPosts/README.MD -------------------------------------------------------------------------------- /BlogPosts/b513e829-b023-426a-b7d4-accd511be3c0.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/BlogPosts/b513e829-b023-426a-b7d4-accd511be3c0.ioc -------------------------------------------------------------------------------- /BlogPosts/de99badf-b448-49e7-885a-4d8688ddf02d.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/BlogPosts/de99badf-b448-49e7-885a-4d8688ddf02d.ioc -------------------------------------------------------------------------------- /BlogPosts/e598231d-8584-4535-a0de-94e822f04c0b.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/BlogPosts/e598231d-8584-4535-a0de-94e822f04c0b.ioc -------------------------------------------------------------------------------- /BlogPosts/operation_poisoned_handover.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/BlogPosts/operation_poisoned_handover.yara -------------------------------------------------------------------------------- /FIN4/MACROCHECK.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/FIN4/MACROCHECK.yara -------------------------------------------------------------------------------- /FIN4/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/FIN4/README.md -------------------------------------------------------------------------------- /FIN4/fb0699e2-23a6-40f9-bf96-4514d629eec3.ioc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/FIN4/fb0699e2-23a6-40f9-bf96-4514d629eec3.ioc -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mandiant/iocs/HEAD/README.md --------------------------------------------------------------------------------