APT Calypso RAT, Flying Dutchman Samples

Reference

2019-10-31 Calypso APT: new group attacking state institutions

 Attackers exploit Windows SMB vulnerability CVE-2017-0143 or use stolen credentials to gain access, deploy the custom Calypso RAT and use it to upload other tools such as Mimikatz, EternalBlue and EternalRomance. They move laterally and steal data.

Download

             Other malware

Download. Email me if you need the password (see in my profile)

Hashes

MD5	SHA256	SHA1	Filename	File Tyee	Stage
aa1cf5791a60d56f7ae6da9bb1e7f01e	d5afa3bfd423ba060207ad025467feaa56ac53d13616ac8782a7f63c9fc0fdb4	bdd8b9115d1ae536d0ea1e62052485e5ad10761f	MPSSVC.dll	pe dll	Calypso RAT Payload
1e765fed294a7ad082169819c95d2c85	f6a09372156a8aef96576627a1ed9e57f194b008bb77e32ca29ac89505f933f0	60dda7ccd9ae00701046923b619a1b9c33c8e2ac	Wscntfy.exe	pe exe	Calypso RAT Dropper
17e05041730dcd0732e5b296db16d757	b6c21c26aef75ad709f6c9cfa84bfa15b7ee709588382ce4bc3544a04bceb661	f3301405d8ad5b160747241d6b2a8d88bf6292e8		pe exe	Calypso RAT Dropper
1ed72c14c4aab3b66e830e16ef90b37b	eebff21def49af4e85c26523af2ad659125a07a09db50ac06bd3746483c89f9d	dc0d0a34f107d140d9e47582e17a7fec945403ea	coal.exe	pe exe	Calypso RAT Dropper
e24a62d9826869bc4817366800a8805c	c407c3dde18c9b56ed24492ca257d77a570616074356b8c7854a080823f7ee17	53791c9e7c41931a6becb999fee4eb7daf9b1a11	data01.bin	pe dll	Calypso RAT Dropper
c9c39045fa14e94618dd631044053824	ab39301d45045172ad41c9a89210fdc6f0d3f9dccb567fd733b0dbffbfcfbcc3	1cda28bc307c09508dbb1f3495a967bbcc29326e		pe exe	Calypso RAT Dropper
69322703b8ef9d490a20033684c28493	e6a3b43acdaa824f3280095b10798ea341839f7d43f0460df8989f13c98fa6e0	f203680d97705d99f92fe9797691be6177f5fd41	RasCon.dll	pe dll	Calypso RAT Dropper
85ce60b365edf4beebbdd85cc971e84d	5dfdee5dd680948d19ab4d16df534cf10aca5fa0b157c59659d6517fe897c62f	d9c14f7b6de8e26ae33e41a72ae8e35bb1af4434		pe exe	Calypso RAT Dropper
6347e42f49a86aff2dea7c8bf455a52a	281583aca23f8fd8745dd88a600cbfc578d819859a13957ec022b86c3c1c99f4	8b2a81af85590e0e36efc1c05aa4f0600ea21545	HIDMgr.dll	pe dll	Calypso RAT Dropper
cb914fc73c67b325f948dd1bf97f5733	0031c7b63c1e1cd36d55f585d97e2b21a13a19858d5a1aa5455e5cc64b41e6e9	37ce4d0a3168e3b2f80b3fae38082e68a454aee0		pe exe	Calypso RAT Dropper
c84df4b2cd0d3e7729210f15112da7ac	4e8351ddaff18f7df6fcc27a3c75598e0c56d3b406818d45effb4e78616092c2	41a0c5a1aad36f405c8755613c732591e3300f97	mscorsvw.dll	pe dll	Calypso RAT Dropper
5199ef9d086c97732d97eddef56591ec	511683c8ee62478c2b45be1f782ce678bbe03c4349a1778651414803010b3ee9	d19a786adc09dff84642f2c2e0386193fa2a914b	dnscache.dll	pe dll	FlyingDutchman
06c1d7bf234ce99bb14639c194b3b318	a9a82099aa812d0c4025bee2b34f3b34c1d102773e36f1d50648815913dbe03d	464ab9e11d371bf24de46c98c295d4afe7e957c1	fromResource.exe	pedll	FlyingDutchman
617d588eccd942f243ffa8cb13679d9c	0664b09a86ec2df7dfe01a93e184a1fa23df66ea82cab39000944e418ec1f7b2	1b043fdcb582ed13cbf7dabcef6527762b5be93c		pe dll	Hussar
2807236c2d905a0675878e530ed8b1f8	314e438198f8cc2ee393c75f8e9f2ebd2b5133fd6f2b7deb1178f82782fc6330	2f6fe857632a67e87f4f3631bfa93713ccdf168a	AeLookupMgr.dll	pe dll	Calypso RAT Payload
cce8c8ee42feaed68e9623185c3f7fe4	38cc404437b936660066b71cc87a28af1995248d6d4c471706eb1dd347129b4b	9d2235c911b86bb6ad55d953a2f56ea78c5478e5	AppCert.dll.crt		Calypso RAT Payload
e1a578a069b1910a25c95e2d9450c710	413622ded5d344a5a78de4fea22cfdabdeb4cdccf69e9a1f58f668096c324738	36087a5b0809dc3f9dc5a77355a88e99af491a88	RasCfgMan.dll.crt		Calypso RAT Payload
0d532484193b8b098d7eb14319cefcd3	f8043d6bfc3e63d8561f7f74e65cb7ff1731577ecf6c7559795d9de21298f0fc	31f4c6dc6ce78b4e0439b30c830dfd5d9a3fc4fe	RasCfgMan.dll	pe dll	Calypso RAT Payload
974298eb7e2adfa019cae4d1a927ab07	0461710e681fd6dc9f1c83b57f94a88cd6df9e6432174cbfdd70dfd24577a0f8	41bc37679ce3caeecc176d10b4f8259918e25807	VirtualUMP.dll.crt		Calypso RAT Payload
05f472a9d926f4c8a0a372e1a7193998	8017923cd8169bf951106f053408b425f1eb310a9421685638ead55bb3823db3	8d909bd3450ebe0cffd0cb17b91bc28d23ef5083	EFSProvider.dll.crt		Calypso RAT Payload
d1a1166bec950c75b65fdc7361dcdc63	f3f38c097b0cc5337b7d2dbec098bf6d0a3bb4a3e0336e7b1c8af75268a0a49d	5731350f68a74fb4762c4ea878ecff635588a825	RasCon.dll	pe dll 64bits assembly	Calypso RAT Payload
e3e61f30f8a39cd7aa25149d0f8af5ef	c4dc7519bccc24c53794bf9178e4a4d0823875c34479d01cedbb3e9b10f5c730	1b75ea494c3ac171c5177bdcc263b89a3f24f207	MPSSVC.dll	pe dll	Calypso RAT Payload

More info

1. Pentest Tools Kali Linux
2. How To Install Pentest Tools In Ubuntu
3. Hacking Tools Kit
4. Hacking Tools 2020
5. Hack Tools Pc
6. Hack Rom Tools
7. Nsa Hack Tools
8. Hacker Tools 2019
9. Easy Hack Tools
10. Hack Tools For Mac
11. Hak5 Tools
12. Hacker Tools For Mac
13. Hacker
14. What Are Hacking Tools
15. Hack And Tools
16. Hacker Tools Github
17. Hack Rom Tools
18. Kik Hack Tools
19. Pentest Reporting Tools
20. Tools For Hacker
21. Hack Website Online Tool
22. Hacker Search Tools
23. Pentest Recon Tools
24. Pentest Recon Tools
25. Hacking App
26. What Is Hacking Tools
27. Hack Tools For Windows
28. Easy Hack Tools
29. Underground Hacker Sites
30. Hak5 Tools
31. Free Pentest Tools For Windows
32. Pentest Tools Kali Linux
33. Hack Tools For Pc
34. Hacker Tools Software
35. Pentest Tools Windows
36. Pentest Tools Windows
37. Pentest Tools Github
38. Hacker Tools Hardware
39. Nsa Hack Tools
40. How To Make Hacking Tools
41. Hack Tools Pc
42. Game Hacking
43. Hacking Tools For Windows 7
44. Hacking Tools 2019
45. Hacker Tools Free
46. Hacking Tools For Mac
47. Hacker Tools List
48. Pentest Reporting Tools
49. Hack Tools Mac
50. Pentest Tools Framework
51. Hacking Tools Name
52. Pentest Tools Open Source
53. Hacker Tools Software
54. Hack Tools For Mac
55. Pentest Tools Apk
56. Hack Tools Mac
57. Hacker Tools 2019
58. Hacker Tools 2020
59. Pentest Tools Kali Linux
60. Github Hacking Tools
61. Hacking Tools For Beginners
62. Pentest Tools Review
63. Hacking Tools Hardware
64. Hack App
65. Underground Hacker Sites
66. Ethical Hacker Tools
67. Pentest Tools Open Source
68. Hack Tools For Games
69. Hacker Tools 2020
70. Hacker Tools 2019
71. Pentest Tools Kali Linux
72. Blackhat Hacker Tools
73. Hacking Tools 2020
74. Pentest Tools Windows
75. Hacker Tool Kit
76. Hack Tools For Games
77. Hacking Tools 2019
78. Top Pentest Tools
79. Hacking Tools For Windows 7
80. Hacking Tools Windows 10
81. Tools 4 Hack
82. Hacking Tools Github
83. Hak5 Tools
84. Hacking Tools For Mac
85. Pentest Tools Find Subdomains
86. Android Hack Tools Github
87. Hacking Tools For Beginners
88. Hacking Tools For Games
89. Hacking Tools 2019
90. Tools Used For Hacking
91. Pentest Tools For Mac
92. Pentest Tools For Ubuntu
93. Hacker Tools Software
94. Best Hacking Tools 2019
95. Pentest Tools
96. Hacker Tools 2020
97. Hacking Tools Online
98. Termux Hacking Tools 2019
99. Pentest Reporting Tools
100. Pentest Tools Open Source
101. Hacker Tools For Mac
102. Hacker Tools Windows
103. Hack Rom Tools
104. Hacking Tools 2020
105. Underground Hacker Sites
106. Pentest Tools Find Subdomains
107. Nsa Hack Tools Download
108. Pentest Tools Linux
109. Pentest Tools Linux
110. Kik Hack Tools
111. Hack Tools Github
112. Hacker Tools For Windows
113. Physical Pentest Tools
114. Hacking Tools For Mac

OWASP May Connector 2019

*|MC_PREVIEW_TEXT|*

OWASP Connector May 2019 Communications | Projects | Events | Community | Membership COMMUNICATIONS Letter from the Vice Chairman: Dear OWASP Community, Since last month the foundation has been busy working towards enabling our project leaders and community members to utilize funds to work on nurturing and developing projects. So far there has been huge uptake on this initiative. It's great to see so many people passionate about collaborating at project summits.    Our Global AppSec Tel-Aviv is nearly upon us, for members, there is an extra incentive for attending this conference, in the form of a significant discount. This and the sandy beaches and beautiful scenery, not to mention the great speakers and trainers we have lined up, is a great reason to attend. If you have not done so we would encourage you to attend this great conference - https://telaviv.appsecglobal.org.   One of the key things I've noticed in my Board of Director tenure is the passion our community emits, sometimes this passion aids in growing the foundation, but sometimes it also forces us to take a step back and look at how we do things within the foundation. With Mike, our ED and staff we have seen a lot of good change from an operations perspective, with more in the pipeline. Mike's appointment has allowed the Board of Directors to take a step back from operations and enable us to work on more strategic goals. To this end at a recent Board meeting we discussed each Board member taking up one of the following strategic goals, as set out at the start of the year:   1.Marketing the OWASP brand  2.Membership benefits 3.Developer outreach Improve benefits  Decrease the possibility of OWASP losing relevance Reaching out to management and Risk levels Increase involvement in new tech/ ways of doing things – dev ops   4.Project focus  Get Universities involved Practicum sponsored ideas Internships    5.Improve finances 6.Improve OWAP/ Board of Directors Perception 7.Process improvement 8. Get consistent ED 9.Community empowerment   I would encourage the community to come forward if you have any ideas on the above and are happy to work with one of the 7 Board of Directors and community members on one of these initiatives.    Thanks and best wishes,  Owen Pendlebury Vice Chair OWASP FOUNDATION UPDATE FROM INTERIM EXECUTIVE DIRECTOR: OWASP Foundation welcomes aboard Emily Berman as Events Director. Emily was most recently with the Scrum Alliance where she planned high-profile functions for upwards of 2,000 guests. Emily brings a fresh approach to events planning and her 12 years of experience planning and organizing large-scale events worldwide well in advance will greatly benefit our Global AppSecs. Did you Register yet?  Global AppSec DC September 9-13, 2019 submit to the Call for Papers and Call for Training Check out Sponsorship Opportunities while they are still available. Save the Date for Global AppSec Amsterdam Sept 23-27, 2019  Sponsorship Opportunities are available EVENTS  You may also be interested in one of our other affiliated events: REGIONAL AND LOCAL EVENTS Event Date Location Latam Tour 2019 Starting April 4, 2019 Latin America OWASP Portland Training Day September 25, 2019 Portland, OR OWASP Italy Day Udine 2019 September 27,2019 Udine, Italy OWASP Portland Day October 16,2019 Wroclaw, Poland LASCON X October 24-25,2019 Austin, TX OWASP AppSec Day 2019 Oct 30 - Nov 1, 2019 Melbourne, Australia PARTNER AND PROMOTIONAL EVENTS Event Date Location Open Security Summit June 3-7,2019 Woburn Forest Center Parcs, Bedfordshire Hack in Paris 2019 June 16-20, 2019 Paris Cyber Security and Cloud Expo Europe June 19-20, 2019 Amsterdam IoT Tech Expo Europe June 19-20, 2019 Amsterdam BlackHat USA 2019 August 3-8,2019 Las Vegas, Nevada DefCon 27 August 8-11,2019 Las Vegas, Nevada it-sa-IT Security Expo and Congress October 8-10, 2019 Germany PROJECTS We have had the following projects added to the OWASP inventory.  Please congratulate these leaders and check out the work they have done: Project Type Leader(s) Risk Assessment Framework Documentation Ade Yoseman Putra, Rejah Rehim QRLJacker Tool Mohammed Baset Container Security Verification Standard Documentation Sven Vetsch Find Security Bugs Code Philippe Arteau Vulnerable Web Application Code Fatih Çelik D4N155 Tool Julio Pedro de Lira Neto Jupiter Tool Matt Stanchek Top 10 Card Game Documentation Dennis Johnson Samurai WTF Code Kevin Johnson DevSecOps Maturity Model Documentation Timo Pagel   Also, we will have the following projects presenting at the Project Showcase Global AppSec Tel Aviv: Final Schedule Wednesday, May 29th Thursday, May 30th Time Project Presenter(s) Confirmed Time Project Presenter(s) Confirmed 10:​4​5 a.m. Glue Tool Omer Levi Hevroni Yes 10:​30 ​ a.m. API Security Erez Yalon, Inon Shkedy Yes   ​7                     11:5​5​ a.m. IoT & Embedded AppSec Aaron Guzman Yes 11:​50​ a.m. Mod Security Core Rule Set Tin Zaw Yes         12:​25 ​p.m. Automated Threats Tin Zaw Yes 12:​30 ​p.m. Lunch Break   12:​55​ p.m. Lunch Break   2:​35​ p.m. SAMM John DiLeo Yes         ​3:10​ p.m. Application Security Curriculum John DiLeo Yes ​3:10 p.m. ​Damned Vulnerable Serveless Application​ ​Tal Melamed​ ​Yes​   Finally, if you are able to help participate in the Project Reviews at the Conference, please send me an email at harold.blankenship@owasp.com.  We have a large line-up of projects to review this time around: Project To Level Leader(s) Snakes and Ladders Flagship Katy Anton, Colin Watson Cheat Sheet Series Flagship Dominique Righetto, Jim Manico Mobile Security Testing Guide Flagship Jeroen Willemsen, Sven Schleier Amass Lab Jeff Foley Attack Surface Detector Lab Ken Prole SecureTea Lab Ade Yoseman Putra, Bambang Rahmadi K.P, Rejah Rehim.A.A Serverless Goat Lab Ory Segal Google Summer of Code Update: We were allocated 13 students this year!  The current timeline is as follows: Google Season of Docs: We were accepted into the Google Season of Docs.  There will be a single technical writer resource.  The current timeline is as follows: COMMUNITY New OWASP Chapters Riyadh, Saudi Arabia Guayaquil, Equador Lome, Togo Natal, Brazil Nashua, New Hampshire Gwalior, India Louisville, Kentucky Nainital, India Liverpool, United Kingdom Syracuse, New York MEMBERSHIP   We would like to welcome the following Premier and Contributor Corporate Members. Premier Corporate Members Contributor Corporate Members Join us Donate Our mailing address is: OWASP Foundation  1200-C Agora Drive, # 232 Bel Air, MD 21014   Contact Us Unsubscribe

This email was sent to *|EMAIL|* why did I get this?    unsubscribe from this list    update subscription preferences *|LIST:ADDRESSLINE|*