Difference between revisions of "APT1: technical backstage"

From Botnets.fr
Jump to navigation Jump to search
 
m (Text replacement - "Campaign1=" to "Campaign=")
 
(6 intermediate revisions by the same user not shown)
Line 6: Line 6:
|Type=Blogpost
|Type=Blogpost
|Video=
|Video=
|Link=http://www.malware.lu/Pro/RAP002_APT1_Technical_backstage.1.0.pdf www.malware.lu
|Link=http://www.malware.lu/Pro/RAP002_APT1_Technical_backstage.1.0.pdf
|Author=Paul Rascagnères, Malware.lu,  
|Author=Paul Rascagnères, Malware.lu,  
|NomRevue=Malware.lu
|NomRevue=Malware.lu
Line 18: Line 18:
|OffensiveTool=
|OffensiveTool=
|ExploitKit=,  
|ExploitKit=,  
|Campaign1=APT1
|Campaign=APT1
|Campaign2=
|Campaign2=
|Campaign3=
|Campaign3=

Latest revision as of 21:29, 31 July 2015

(Publication) Google search: [1]

APT1: technical backstage
Botnet Poison Ivy, FakeM
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign APT1
Operation/Working group
Vulnerability
CCProtocol
Date 2013 / 08/04/2013
Editor/Conference Malware.lu
Link http://www.malware.lu/Pro/RAP002 APT1 Technical backstage.1.0.pdf (Archive copy)
Author Paul Rascagnères, Malware.lu
Type Blogpost

Abstract

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2013BFR1345,
   editor = {Malware.lu},
   author = {Paul Rascagnères, Malware.lu},
   title = {APT1: technical backstage},
   date = {04},
   month = Aug,
   year = {2013},
   howpublished = {\url{http://www.malware.lu/Pro/RAP002_APT1_Technical_backstage.1.0.pdf}},
 }