Win32/Sednit (Trojan.Sofacy, APT28)

#25856 by R136a1
Wed May 13, 2015 6:20 pm

Hi folks,

attached is the variant of Sednit which uses local privilege escalation vulnerability CVE-2015-1701. More information:
https://www.fireeye.com/blog/threat-res ... _useo.html

pw: infected
(104.87 KiB) Downloaded 131 times

Username

R136a1

Rank

Forum Admin

Posts

272

Joined

Wed Jul 13, 2011 4:30 pm

Location

Netherlands

#25879 by Ta!0n
Fri May 15, 2015 7:29 pm

Seems to share characteristics with Carberp: https://github.com/hzeroo/Carberp

(104.87 KiB) Downloaded 55 times

Username

Ta!0n

Posts

Joined

Sat Jan 18, 2014 8:29 pm

#25881 by EP_X0FF
Sat May 16, 2015 3:52 am

You actually posted same samples twice. Do a basic search next time.

Ring0 - the source of inspiration

Username

EP_X0FF

Rank

Global Moderator

Posts

4947

Joined

Sun Mar 07, 2010 5:35 am

Location

Russian Federation

Contact