For this week’s TTP Tuesday we are releasing a new APT29 themed chain based on WellMess malware used to target COVID-19 vaccine manufacturers. Both NCSC and CISA released multiple advisories on APT29 targeting vaccine development in early 2020.
Our primary chain stages and executes a disarmed WellMess malware sample. We’ve included two additional chains to both set up a gost server and a gost client so you can start routing network traffic through a socks5 proxy. To get started, configure your range with the required gost facts such as server IP and proxy port.
Please subscribe and reach out with any feedback. We love to hear from our community!
There are several ways to follow us and learn more about Prelude and our team members:
GET OUR PRODUCTS
Download Prelude Operator: www.prelude.org/download/current
See the latest kill chain and TTP Releases: chains.prelude.org/
See our open-source repositories: github.com/preludeorg
JOIN OUR COMMUNITY
Discord: discord.gg/gzUv4XNquu
Reddit: www.reddit.com/r/preludeorg/
Twitter: twitter.com/preludeorg
READ, WATCH, AND LISTEN
Listen to our Podcast: anchor.fm/preludeorg
Read our blog: feed.prelude.org/
Watch our live streams: www.twitch.tv/preludeorg
Watch our pre-recorded content: youtube.com/c/preludeorg
FOLLOW OUR TEAM
David: twitter.com/privateducky
Alex: twitter.com/khyberspache
Kris: twitter.com/Xanthonus
Octavia: twitter.com/VV_X_7
Sam: twitter.com/wasupwithuman
Prelude
コメント