├── APT10
    └── README.md
├── APT3
    └── yara.yar
├── APT32
    ├── README.md
    └── YARA
    │   └── KerrDown.yar
├── APT34
    ├── Sigma
    │   └── twoface.yml
    └── YARA
├── APT36
    └── SilentCMD.yar
├── APT38
    ├── ARTFULPIE
    │   └── yara.yar
    └── yara.yar
├── APT41
    └── yara.yar
├── CVE-2020-0601
    └── CVE-2020-0601.yar
├── DustSquad
    └── yara.yar
├── HKTL
    └── Bloodhound_SharpHound.yar
├── Hexane
    └── yara.yar
├── LOTUS PANDA
    └── evora_loader.yar
├── MuddyWater
    ├── Operation_Space_Race.pdf
    ├── Operation_Space_Race_IoC.txt
    └── sharpstats.yar
├── OceanLotus_on_ASEAN_Affairs-white.pdf
├── PoC
    └── nokia_impact_RCE.go
├── README.md
├── TA505
    ├── CobaltStrike
    │   └── cobaltstrike.yar
    └── ioc_06_08_2020.txt
├── Turla
    ├── README.md
    └── Turla_LNTA_v1
├── UNC2452
    └── snort.rules
├── WizardSpider
    └── TrickBot
    │   └── ioc.txt
├── Zebrocy
    └── yara.yar
├── coronavirus
    ├── Maze
    │   └── MazeRansomware
    │   │   └── maze_vaccine.py
    ├── sigma
    │   └── Ryuk.yaml
    └── yara.yar
├── deadlykiss
    └── yara.yar
├── malware
    └── poulight
    │   └── yara.yar
└── sidewinder
    └── sidewinder_apt.yar

/APT10/README.md:
--------------------------------------------------------------------------------
1 | Telsy SpA - TIM Group - CTI Team
2 | TLP:WHITE / APT10 Research and IoC
3 |
--------------------------------------------------------------------------------
/APT3/yara.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/APT3/yara.yar
--------------------------------------------------------------------------------
/APT32/README.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | Telsy SpA - TIM Group - CTI Team TLP:WHITE / APT32 Research and IoC
5 |
--------------------------------------------------------------------------------
/APT32/YARA/KerrDown.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/APT32/YARA/KerrDown.yar
--------------------------------------------------------------------------------
/APT34/Sigma/twoface.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/APT34/Sigma/twoface.yml
--------------------------------------------------------------------------------
/APT34/YARA:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/APT34/YARA
--------------------------------------------------------------------------------
/APT36/SilentCMD.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/APT36/SilentCMD.yar
--------------------------------------------------------------------------------
/APT38/ARTFULPIE/yara.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/APT38/ARTFULPIE/yara.yar
--------------------------------------------------------------------------------
/APT38/yara.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/APT38/yara.yar
--------------------------------------------------------------------------------
/APT41/yara.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/APT41/yara.yar
--------------------------------------------------------------------------------
/CVE-2020-0601/CVE-2020-0601.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/CVE-2020-0601/CVE-2020-0601.yar
--------------------------------------------------------------------------------
/DustSquad/yara.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/DustSquad/yara.yar
--------------------------------------------------------------------------------
/HKTL/Bloodhound_SharpHound.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/HKTL/Bloodhound_SharpHound.yar
--------------------------------------------------------------------------------
/Hexane/yara.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/Hexane/yara.yar
--------------------------------------------------------------------------------
/LOTUS PANDA/evora_loader.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/LOTUS PANDA/evora_loader.yar
--------------------------------------------------------------------------------
/MuddyWater/Operation_Space_Race.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/MuddyWater/Operation_Space_Race.pdf
--------------------------------------------------------------------------------
/MuddyWater/Operation_Space_Race_IoC.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/MuddyWater/Operation_Space_Race_IoC.txt
--------------------------------------------------------------------------------
/MuddyWater/sharpstats.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/MuddyWater/sharpstats.yar
--------------------------------------------------------------------------------
/OceanLotus_on_ASEAN_Affairs-white.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/OceanLotus_on_ASEAN_Affairs-white.pdf
--------------------------------------------------------------------------------
/PoC/nokia_impact_RCE.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/PoC/nokia_impact_RCE.go
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/README.md
--------------------------------------------------------------------------------
/TA505/CobaltStrike/cobaltstrike.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/TA505/CobaltStrike/cobaltstrike.yar
--------------------------------------------------------------------------------
/TA505/ioc_06_08_2020.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/TA505/ioc_06_08_2020.txt
--------------------------------------------------------------------------------
/Turla/README.md:
--------------------------------------------------------------------------------
1 | Telsy SpA - TIM Group - CTI Team TLP:WHITE / Turla Research and IoC
2 |
--------------------------------------------------------------------------------
/Turla/Turla_LNTA_v1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/Turla/Turla_LNTA_v1
--------------------------------------------------------------------------------
/UNC2452/snort.rules:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/UNC2452/snort.rules
--------------------------------------------------------------------------------
/WizardSpider/TrickBot/ioc.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/WizardSpider/TrickBot/ioc.txt
--------------------------------------------------------------------------------
/Zebrocy/yara.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/Zebrocy/yara.yar
--------------------------------------------------------------------------------
/coronavirus/Maze/MazeRansomware/maze_vaccine.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/coronavirus/Maze/MazeRansomware/maze_vaccine.py
--------------------------------------------------------------------------------
/coronavirus/sigma/Ryuk.yaml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/coronavirus/sigma/Ryuk.yaml
--------------------------------------------------------------------------------
/coronavirus/yara.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/coronavirus/yara.yar
--------------------------------------------------------------------------------
/deadlykiss/yara.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/deadlykiss/yara.yar
--------------------------------------------------------------------------------
/malware/poulight/yara.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/malware/poulight/yara.yar
--------------------------------------------------------------------------------
/sidewinder/sidewinder_apt.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/telsy-cyberops/research/HEAD/sidewinder/sidewinder_apt.yar
--------------------------------------------------------------------------------