top of page
Search

Green Stone

A few days ago InQuest discovered a very interesting sample that was uploaded from Iran. The document is a contract for the supply of services to an energy company from southern Iran «Tavangoostar Niro va Gashtavar Jonob». The document also contains a link to this energy company. Since this family of malicious documents containing executable files was not previously known, InQuest named it the Green Stone.




ADVERSARY: Green Stone


INDUSTRY: Energy


TARGETED COUNTRY: Iran, Islamic Republic of


MALWARE FAMILY: Green Stone


ATT&CK IDS: T1102 - Web Service, T1113 - Screen Capture, T1140 - Deobfuscate/Decode Files or Information, T1566 - Phishing


Read More:

5 views

Comments


Commenting has been turned off.
bottom of page