Georgian CERT vs Russian FSB spies

Win32/Georbot: From Georgia With Love

#12265 by axl
Thu Mar 22, 2012 8:44 am

blog: http://blog.eset.com/2012/03/21/win32ge ... -with-love
official research report: http://blog.eset.com/wp-content/media_f ... _final.pdf

Username

axl

Posts

5

Joined

Thu Apr 15, 2010 6:40 pm

Re: Win32/Georbot: From Georgia With Love

#12974 by leeno
Tue May 01, 2012 6:09 pm

attaching sample for this bot

Attachments

e5a4505705677c5f912efb6659bcd31b.zip

pass: infected
(16.57 KiB) Downloaded 72 times

Username

leeno

Posts

45

Joined

Wed Apr 11, 2012 10:19 am

Georgian CERT vs Russian FSB spies

#16360 by kmd
Thu Nov 01, 2012 8:19 am

http://dea.gov.ge/uploads/CERT%20DOCS/C ... ionage.pdf

FSB hacker profile :D

http://wasm.ru/forum/profile.php?id=22911

Username

kmd

Posts

271

Joined

Mon Mar 15, 2010 4:09 am

Location

Russian Federation

Re: Georgian CERT vs Russian FSB spies

#16363 by 360Tencent
Thu Nov 01, 2012 10:36 am

http://labs.alienvault.com/labs/index.p ... overnment/

Username

360Tencent

Posts

116

Joined

Thu Dec 15, 2011 12:47 pm

Re: Georgian CERT vs Russian FSB spies

#16364 by hanan
Thu Nov 01, 2012 1:21 pm

kmd wrote:http://dea.gov.ge/uploads/CERT%20DOCS/C ... ionage.pdf

That is Good one, see page 22. :mrgreen:

Username

hanan

Posts

44

Joined

Wed Jul 11, 2012 5:26 pm

Re: Georgian CERT vs Russian FSB spies

#16368 by namamo85
Thu Nov 01, 2012 5:25 pm

360Tencent wrote:http://labs.alienvault.com/labs/index.p ... overnment/

Java files mentioned in this report:

Attachments

Java-2010-0842.zip

Password: infected
(2.17 KiB) Downloaded 51 times

newexp.zip

password: infected
(4.23 KiB) Downloaded 51 times

Username

namamo85

Posts

3

Joined

Tue Nov 02, 2010 3:38 pm

Re: Georgian CERT vs Russian FSB spies

#16373 by kmd
Fri Nov 02, 2012 2:11 am

http://blog.eset.com/wp-content/media_f ... _final.pdf

list of md5

88ef2c99b9bbf1a28e94ca73d6e1e240
975cec4facebdd3bde765d8d08eb6f88
3802a729e39269ea4a3d28038c6ffded
b19223491c305c94ab17e783b2bf569b
f21a93bdef0c39e129a66b67be3bf96f
34c2ecf412dfa56e3248c3ab7f7d8144
1b9fa7ff25409943af6f18d10ff646ba
f8fca4dd776286f17039ae43ef1b296a
b83c92a15505a70102d78cce4d512c49
775790a2ad74a63ef1b0e28eb16c7d7b
3c360d627b0ed3032a68337222602641
09e72c283b8757f8602597155f770865
fb174116815cad1007e4eb3638ba7837
bf28400adea7cc6d881f675ba6fb5cbe
50f5ef46477d95a61819f31e03c22aa2
34a01d3b230497f835afccef37eb2a3a
17f88ded6b03de3e41d2f28fbca6eaaf
88ef2c99b9bbf1a28e94ca73d6e1e240
0b6830458ab82495d3e9d63db08ff99e
a69d1632eac9104cc637ced6218de60f
f5b6db5b995de679c65c2eab94afe47a
78bfaf22ba2e3661d1cd24e4c6505cb5
d28313c55234a562465ebc540d805deb
a69d1632eac9104cc637ced6218de60f
5ba25c1da656d1211b04fd3e155c0104
ee4c960a52258bf769226b909861a2a2
6a624b7bc173da37deb5ece71a0f34c1
cdfb97edc59655c6377ad9ab1f923a18
7430f980b63f1e8f8c33ed3f58dcacd4
f330a11f4c5200383eb3a4427fae5fb3
e44458b85684e9892001d3f729339540
692ecfc9432def5f172c41a38333abcf
aad7d50f598ba2b3401178f9f5cd5d6b
3db4b92c05e759216f481be193754c53
1ed41c5f12b15aac80a097d07b380983
92752947e3710718ac67074b30fe4d53
ba283fea5eaa15a67c722cb5dc6dbf92
007c5bfdfc5402d360a811eedf553fb1
f94b008eee4e4756cb7d30c676021b45
bd01c67a0fa278787ef0e2250c26a948
3c7a60058bae519a1a9d88a775bd06ab
3c7a60058bae519a1a9d88a775bd06ab
6d7e072337922702fafc897eef7ae6b5
725540a7058cb4ca8dd227b66204eb6c
6d7e072337922702fafc897eef7ae6b5
df97e7d644f6e56021a1dbc7ac154c0e
6e8b032cc79214351a441ac25061ab9a
bcaa3045b7efdc09d35319b7e456aa9d
402118b0c77fcb947cb0f2e5d2c8d62a
fdb7e4a88eba4f96c029e0bdcf3c6957
0599eba2fb6ce06fb81cf69c2040bf98
db40c0f6af7c32c043e5a444f3e946d8
59658c007b74343307d7d8c1f2339444
e5910dd6ab4b87a653466553ad3c4084
b9a07a4e3fc96a092281cca9fbaf69b7
b8b377e5d716908ffb74533312765060
b9901f37d3359890ff4b45f7c4fe8f20
4bea45402a4949c59ded422d58ac3ffe
2822fe137db434a6a5d62f528f4e8bb7
f48953e700ee0110dd89d79f327d9e9e
78fbb095c1796b9edf3f03ebbe996d89
d539089207eff94b2f9bb0ad110ce54b
d7c9c441df19ede7a06a71a3a26bfc3f
2dd06fba38d907fbe72a144bba6ee727
ffed6af8b75e1a2ac8a8928481a3ef56
bf5e3dbcb2e72a182104744938ed5aea
e1922c3d6ed4291905c127c60d08d192
db4ee065767bbed2d725accb653d3bae
e649cedf360aebdeff6d515649603aca
839d6ad28c7ba1983dba54cc3ddf7098
c693347da140f16de14d0fcd0bf90016
717bf84a544bd04ef57869d3cabaa338

Username

kmd

Posts

271

Joined

Mon Mar 15, 2010 4:09 am

Location

Russian Federation

Re: Georgian CERT vs Russian FSB spies

#16481 by kmd
Wed Nov 07, 2012 7:24 am

still unclear was it kremlin hand or not as i understood

Username

kmd

Posts

271

Joined

Mon Mar 15, 2010 4:09 am

Location

Russian Federation

Re: Georgian CERT vs Russian FSB spies

#16482 by EP_X0FF
Wed Nov 07, 2012 8:11 am

kmd wrote:still unclear was it kremlin hand or not as i understood

Do you really believe in this georgian BS? :) Their report not good at all and is clearly serves to maintain, create an image of a terrible enemy of state. This is common behaviour of several exUSSR countries, mostly observed before in Baltic region. Several parts of this report simple copy-pasted from ESET article with additionally added nonsense text and conclusions. In a short: this story is ESET research as base + added by georgian CERT (wtf is that by the way - all research done by ESET) low quality political-oriented bullshit. I can describe it page by page if interested :)

Ring0 - the source of inspiration

Username

EP_X0FF

Rank

Global Moderator

Posts

4947

Joined

Sun Mar 07, 2010 5:35 am

Location

Russian Federation

Contact

Re: Georgian CERT vs Russian FSB spies

#16495 by kmd
Thu Nov 08, 2012 5:51 am

u mean this ? :D

found this russian hacker extremely looking like a stereotypical georgian citizen :D

and more photos of famous hacker found:D

Username

kmd

Posts

271

Joined

Mon Mar 15, 2010 4:09 am

Location

Russian Federation