Stairwell, Inc.
Hilbert Curve
7ed2d1aceab5f54df4acca63b5d269842d49521e13bab5e652237667c7eef261

APT29/Cozy Bear

2014

Malware tied to Russian espionage campaigns.

# Properties

magic exe
mime type application/vnd.microsoft.portable-executable
size 558.0 kB
entropy 7.844827175
md5 a5d6ad...5a5080
sha1 f7d47c...f02e15
sha256 7ed2d1...eef261
imphash 6b26d6...bb94f7
tlsh 4ec412...b38797

Internet Results

yara-rules/RussianAPT.yar at master · intezer/yara-rules · GitHub
GitHub
... " or hash.sha256(0, filesize) == "7ed2d1aceab5f54df4acca63b5d269842d49521e13bab5e652237667c7eef261" or hash.sha256(0, filesize) ...
APTMalware/overview.csv at master · cyber-research/APTMalware ...
GitHub
... 7ed2d1aceab5f54df4acca63b5d269842d49521e13bab5e652237667c7eef261,https://www.f-secure.com/documents/996508/1030745/dukes_whitepaper.pdf 1909,Russia,APT 29 ...
Stairwell, Inc.
Visit Stairwell.com
2