At the time of submission on May 12th, several of the malware samples were not detected as malicious by most of the anti-virus products that Virus Total uses to check submissions. Targeted attacks from well-funded threat groups are able to create and maintain malware that is not recognized by anti-virus products. It is important to practice defense-in-depth to protect critical computer systems from intrusion by monitoring for attacker behaviors and quickly responding to investigate unusual activity on workstations and servers.
Indications of compromise:
SHA-256 hashes of malware samples:
To read more, please see: