Hello.
Final pack of Turla files. Decrypted payload dll's extracted earlier from resource container. They share the same encryption as driver and other dlls in the main dropper.
AV play in spy games better than do their actual work.
https://www.virustotal.com/en/file/099a ... 394813556/
https://www.virustotal.com/en/file/a15c ... 394813576/
https://www.virustotal.com/en/file/564e ... 394813590/
https://www.virustotal.com/en/file/152c ... 394813624/
https://www.virustotal.com/en/file/9611 ... 394813641/
https://www.virustotal.com/en/file/4c8b ... 394813661/
Best Regards,
-rin
Final pack of Turla files. Decrypted payload dll's extracted earlier from resource container. They share the same encryption as driver and other dlls in the main dropper.
AV play in spy games better than do their actual work.
https://www.virustotal.com/en/file/099a ... 394813556/
https://www.virustotal.com/en/file/a15c ... 394813576/
https://www.virustotal.com/en/file/564e ... 394813590/
https://www.virustotal.com/en/file/152c ... 394813624/
https://www.virustotal.com/en/file/9611 ... 394813641/
https://www.virustotal.com/en/file/4c8b ... 394813661/
Best Regards,
-rin
Attachments
pass: infected
(369.8 KiB) Downloaded 186 times
(369.8 KiB) Downloaded 186 times