
elf.wellmess

Actor(s): APT 29


There is no description at this point.

References
2020-09-10 | Kaspersky Labs | GReAT
An overview of targeted attacks and APTs on Linux
@online{great:20200910:overview:f751b73, author = {GReAT}, title = {{An overview of targeted attacks and APTs on Linux}}, date = {2020-09-10}, organization = {Kaspersky Labs}, url = {https://securelist.com/an-overview-of-targeted-attacks-and-apts-on-linux/98440/}, language = {English}, urldate = {2020-10-05} }
Cloud Snooper Dacls DoubleFantasy MESSAGETAP Penquin Turla Tsunami elf.wellmess X-Agent
2020-08-17 | PWC | PWC UK
WellMess malware: analysis of its Command and Control (C2) server
@online{uk:20200817:wellmess:a67a30c, author = {PWC UK}, title = {{WellMess malware: analysis of its Command and Control (C2) server}}, date = {2020-08-17}, organization = {PWC}, url = {https://www.pwc.co.uk/issues/cyber-security-services/insights/wellmess-analysis-command-control.html}, language = {English}, urldate = {2020-08-20} }
elf.wellmess
2020-08-13 | Talos Intelligence | Martin Lee, Paul Rascagnères, Vitor Ventura
Attribution: A Puzzle
@online{lee:20200813:attribution:ced59ff, author = {Martin Lee and Paul Rascagnères and Vitor Ventura}, title = {{Attribution: A Puzzle}}, date = {2020-08-13}, organization = {Talos Intelligence}, url = {https://blog.talosintelligence.com/2020/08/attribution-puzzle.html}, language = {English}, urldate = {2020-08-14} }
WellMail elf.wellmess AcidBox WellMess
2020-07-29 | Kaspersky Labs | GReAT
APT trends report Q2 2020
@online{great:20200729:trends:6810325, author = {GReAT}, title = {{APT trends report Q2 2020}}, date = {2020-07-29}, organization = {Kaspersky Labs}, url = {https://securelist.com/apt-trends-report-q2-2020/97937/}, language = {English}, urldate = {2020-07-30} }
PhantomLance Dacls Penquin Turla elf.wellmess AppleJeus Dacls AcidBox Cobalt Strike Dacls EternalPetya Godlike12 Olympic Destroyer PlugX shadowhammer ShadowPad Sinowal VHD Ransomware Volgmer WellMess X-Agent XTunnel
2020-07-16 | NCSC UK | NCSC UK
Advisory: APT29 targets COVID-19 vaccine development
@techreport{uk:20200716:advisory:d2a121d, author = {NCSC UK}, title = {{Advisory: APT29 targets COVID-19 vaccine development}}, date = {2020-07-16}, institution = {NCSC UK}, url = {https://www.ncsc.gov.uk/files/Advisory-APT29-targets-COVID-19-vaccine-development.pdf}, language = {English}, urldate = {2020-09-01} }
WellMail elf.wellmess SoreFang WellMess
2020-07-16 | PWC UK | PWC UK
How WellMess malware has been used to target Covid-19 vaccines
@online{uk:20200716:how:8504d30, author = {PWC UK}, title = {{How WellMess malware has been used to target Covid-19 vaccines}}, date = {2020-07-16}, organization = {PWC UK}, url = {https://www.pwc.co.uk/issues/cyber-security-services/insights/cleaning-up-after-wellmess.html}, language = {English}, urldate = {2020-07-17} }
elf.wellmess WellMess
2018-12-01 | Botconf | Yoshihiro Ishikawa, Shinichi Nagano
Let's go with a Go RAT!
@techreport{ishikawa:20181201:lets:73b0c60, author = {Yoshihiro Ishikawa and Shinichi Nagano}, title = {{Let's go with a Go RAT!}}, date = {2018-12-01}, institution = {Botconf}, url = {https://www.botconf.eu/wp-content/uploads/2018/12/2018-Y-Ishikawa-S-Nagano-Lets-go-with-a-Go-RAT-_final.pdf}, language = {English}, urldate = {2020-04-28} }
elf.wellmess WellMess
2018-07-06 | JPCERT/CC | Shusei Tomonaga
Malware “WellMess” Targeting Linux and Windows
@online{tomonaga:20180706:malware:dc21b83, author = {Shusei Tomonaga}, title = {{Malware “WellMess” Targeting Linux and Windows}}, date = {2018-07-06}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2018/07/malware-wellmes-9b78.html}, language = {English}, urldate = {2020-07-17} }
elf.wellmess WellMess

There is no Yara-Signature yet.