Scaly Wolf uses White Snake stealer against Russian industry [Friday, February 02, 2024]

Scaly Wolf, a group tracked by Bi.ZONE since summer 2023, conducted several phishing campaigns, disguising letters as requests from Russian regulat...
Scaly Wolf uses White Snake stealer against Russian industry [Friday, February 02, 2024]
Scaly Wolf uses White Snake stealer against Russian industry

Scaly Wolf uses White Snake stealer against Russian industry

Description :
Scaly Wolf, a group tracked by Bi.ZONE since summer 2023, conducted several phishing campaigns, disguising letters as requests from Russian regulators and law enforcement agencies. In all cases the text of the letter is written correctly from a legal point of view, which makes the mailing convincing, inspires the user’s trust and encourages them to launch a malicious file. The implementation of the attack leads to the infection of systems with a payload in the form of the White Snake stealer,

Published Created Modified
2024-02-02 11:53:37 2024-02-02 11:53:37 2024-02-02 12:06:34

Indicators

IPv4s : Malwares :
  • White Snake
Hashes :
  • 123aaddb10f1715bff99617342df9cec7bb68d61abbc502f18938a7dcf0a4216
  • f3224cff0d7d5a9487dd405aa53217992c4a11616cc9990ce1745bc1b008c3fe
  • ebbefe31a1486ed1a2f70538380dc899c2b0d704028cde9ba4dbf64b91293e3a
  • 7721e208d790b836c4ae2ac3e7dde1ff799953e62932d9e418acfeecfcff43ca
  • f076bc181ea521bb494b799203945af4f2db1635b20cef395ad67819dd397f7b
  • d18aa5d58656fffd7a2a0a3d7f6f4e011bf0f39b8f89701b0e5263951e1ce90c
  • 56393c8cbea881f8382d195682787254bb576cc4b370410eb94fd93a00a82ee8
  • 43eb634a7c80730889d64e6b13987a5bb4068dd463bc728db08d1eba3499d8d1
  • 5f227b976bd5303358e28a62103b7cc15210efdfa640b8e754f757690a716edb
  • 8294f2ac1971d55b08b3cbed419929c24998d986b8d4ab5a126f6a901646ef99
Intrusion set :
  • Scaly Wolf
Location :
  • Russian Federation
MITRE ATT&CK Techniques :

External References

You can download the txt file containing the indicators by clicking on the button below:

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.