Stately Taurus Targets the Philippines As Tensions Flare in the South Pacific [Friday, November 17, 2023]


Description :
Coinciding with these real-world events, researchers observed three Stately Taurus campaigns during the month of August. These campaigns are assessed to have targeted entities in the South Pacific including the Philippines government. The campaigns leveraged legitimate software including Solid PDF Creator and SmadavProtect (an Indonesian-based antivirus solution) to sideload malicious files. Threat authors also creatively configured the malware to impersonate legitimate Microsoft traffic for command and control (C2) connections.

Published :
2023-11-17T14:01:06.733Z

Created :
2023-11-17T14:01:06.733Z

Modified :
2023-11-17T14:09:16.721Z

Tags

  • mustang panda
  • pdf
  • stately taurus

Indicators

Hashes :
Attack Patterns :
  • T1530
  • T1020
  • T1036
  • T1119
  • T1071

About the author
Julien B.

Securitricks
