PULSE NAME
Malware Spotlight - Into the Trash: Analyzing LitterDrifter - Check Point Research
WHITE Gamaredon CyberHunter_NL 2023-11-20 Modified: 2023-12-20
79 IOCs (HIGH VOLUME)
The LitterDrifter worm, developed by the Russian espionage group Gamaredon, propagates over USB drives and maintains a command-and-control (C2) channel to a wide set of C2 servers.
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Deobfuscoder Spreader LitterDrifter
Indicators of Compromise (10 / 79 total)