win.dosia

Dosia

aka: DDOSIA

Actor(s): NoName057(16)


There is no description at this point.

References
2023-06-29 | Sekoia | sekoia
Following NoName057(16) DDoSia Project’s Targets
@online{sekoia:20230629:following:248a859, author = {sekoia}, title = {{Following NoName057(16) DDoSia Project’s Targets}}, date = {2023-06-29}, organization = {Sekoia}, url = {https://blog.sekoia.io/following-noname05716-ddosia-projects-targets/}, language = {English}, urldate = {2023-07-05} }
Dosia

2023-05-08 | Viuleeenz | Alessandro Strino
Extracting DDosia targets from process memory
@online{strino:20230508:extracting:2957b3f, author = {Alessandro Strino}, title = {{Extracting DDosia targets from process memory}}, date = {2023-05-08}, organization = {Viuleeenz}, url = {https://viuleeenz.github.io/posts/2023/05/extracting-ddosia-targets-from-process-memory/}, language = {English}, urldate = {2023-05-23} }
Dosia

2023-04-18 | Avast Decoded | Martin Chlumecký
DDosia Project: How NoName057(16) is trying to improve the efficiency of DDoS attacks
@online{chlumeck:20230418:ddosia:290d3e0, author = {Martin Chlumecký}, title = {{DDosia Project: How NoName057(16) is trying to improve the efficiency of DDoS attacks}}, date = {2023-04-18}, organization = {Avast Decoded}, url = {https://decoded.avast.io/martinchlumecky/ddosia-project-how-noname05716-is-trying-to-improve-the-efficiency-of-ddos-attacks/}, language = {English}, urldate = {2023-05-05} }
Dosia

2023-04-17 | B42 Labs | Luca Mella
Data Insights from Russian Cyber Militants: NoName05716
@online{mella:20230417:data:4a1e593, author = {Luca Mella}, title = {{Data Insights from Russian Cyber Militants: NoName05716}}, date = {2023-04-17}, organization = {B42 Labs}, url = {https://medium.com/@b42labs/data-insights-from-russian-cyber-militants-noname057-9f4db98f60e}, language = {English}, urldate = {2023-04-18} }
Dosia

2023-04-17 | BE42LATE | B42 Labs
Noname057(16) Attack Tracker
@online{labs:20230417:noname05716:b559057, author = {B42 Labs}, title = {{Noname057(16) Attack Tracker}}, date = {2023-04-17}, organization = {BE42LATE}, url = {https://noname.be42late.co/}, language = {English}, urldate = {2023-05-23} }
Dosia

2023-04-04 | Team Cymru | Team Cymru, S2 Research Team
A Blog with NoName
@online{cymru:20230404:blog:94e7e30, author = {Team Cymru and S2 Research Team}, title = {{A Blog with NoName}}, date = {2023-04-04}, organization = {Team Cymru}, url = {https://www.team-cymru.com/post/a-blog-with-noname}, language = {English}, urldate = {2023-05-05} }
Dosia

2023-01-12 | Sentinel LABS | Tom Hegel, Aleksandar Milenkoski
NoName057(16) – The Pro-Russian Hacktivist Group Targeting NATO
@online{hegel:20230112:noname05716:b3cb836, author = {Tom Hegel and Aleksandar Milenkoski}, title = {{NoName057(16) – The Pro-Russian Hacktivist Group Targeting NATO}}, date = {2023-01-12}, organization = {Sentinel LABS}, url = {https://www.sentinelone.com/labs/noname05716-the-pro-russian-hacktivist-group-targeting-nato/}, language = {English}, urldate = {2023-02-17} }
Bobik Dosia NoName057(16)

Yara Rules
[TLP:WHITE] win_dosia_w0 (20230615 | No description)
rule win_dosia_w0 {
    meta:
        author = "B42 Labs"
        date = "2023-04-13"
        hash_md5 = "ac0d5e1ec2664ad36db8877078bcf6c3"
        tlp = "CLEAR"
        yarahub_license = "CC0 1.0"
        yarahub_reference_md5 = "ac0d5e1ec2664ad36db8877078bcf6c3"
        yarahub_rule_matching_tlp = "CLEAR"
        yarahub_rule_sharing_tlp = "CLEAR"
        yarahub_uuid = "873ebbf5-9f83-4cf5-9670-b159211dd3c2"
        
        malpedia_reference = "https://malpedia.caad.fkie.fraunhofer.de/details/win.dosia"
        malpedia_version = "20230615"
        malpedia_license = "CC BY-NC-SA 4.0"
        malpedia_sharing = "TLP:WHITE"
        
    strings:
         $s_0 = "HttpJob" wide ascii
         $s_1 = "SayHallo" wide ascii
         $s_2 = "StartJob" wide ascii
         $s_3 = "FastRequest" wide ascii
         $s_4 = "SetStatToBot" wide ascii
         $s_5 = "GetTargets" wide ascii

    condition:
        // Match files under 10 MB that contain at least 5 of the 6 strings above
        filesize < 10MB and (5 of ($s_*))
}