Nytro Posted February 17, 2015 Report Posted February 17, 2015 CARBANAK APTTHE GREAT BANK ROBBERYBy KasperskyTable of contents1. Executive Summary...........................................32. Analysis...................................................52.1 Infection and Transmission.............................52.2 Malware Analysis – Backdoor.Win32.Carbanak...........72.3 Lateral movement tools............ 182.4 Command and Control (C2) Servers........... 193. Conclusions.................................................23APPENDIX 1: C2 protocol decoders................. 24APPENDIX 2: BAT file to detect infection.............. 27APPENDIX 3: IOC hosts.............. 28APPENDIX 4: Spear phishing................. 34APPENDIX 5: MD5 hashes of Carbanak samples............36 Download: https://securelist.com/files/2015/02/Carbanak_APT_eng.pdf Quote