← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Malware Spotlight - Into the Trash: Analyzing LitterDrifter - Check Point Research
WHITE Gamaredon CyberHunter_NL 2023-11-20 Modified: 2023-12-20
79
IOCs
HIGH VOLUME
The LitterDrifter worm, developed by the Russian espionage group Gamaredon, propagates over USB drives and maintains a broad command and control channel to a wide set of command-and-control servers.
litterdriftergamaredonip addressc2 moduledeobfuscoderspreader modulewmi querycheck pointukrainec2 channelservicespreader
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Deobfuscoder Spreader LitterDrifter
Indicators of Compromise (10 / 79 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 1c49d04fc0eb8c9de9f2f6d661826d24 2023-11-20
FileHash-MD5 2239800bfc8fdfddf78229f2eb8a7b95 2023-11-20
FileHash-MD5 49d1f9ce1d0f6dfa94ad9b0548384b3a 2023-11-20
FileHash-MD5 4c2431e5f868228c1f286fca1033d221 2023-11-20
FileHash-MD5 579f1883cdfd8534167e773341e27990 2023-11-20
FileHash-MD5 8096dfaa954113242011e0d7aaaebffd 2023-11-20
FileHash-MD5 86d28664fc7332eafb788a44ac82a5ed 2023-11-20
FileHash-MD5 9d9851d672293dfd8354081fd0263c13 2023-11-20
FileHash-MD5 cbeaedfa84b02a2bd41a70fa92a46c36 2023-11-20
FileHash-MD5 cdae1c55ec154cd6cef4954519564c01 2023-11-20
References (1)
↗ https://research.checkpoint.com/2023/malware-spotlight-into-the-trash-analyzing-litterdrifter/