IOC pivotioc · name
Rana Intelligence Computing toolset
IR · IranAPT39confidence · high
Composite designation Treasury and the FBI used on 17 Sep 2020 for the eight malware sets (VBS/AutoIt scripts, BITS 1.0 and BITS 2.0 variants, a Firefox-impersonating binary, a Python tool, Android malware and Depot.dat) operated by MOIS front company Rana Intelligence Computing Company (APT39 / Chafer / Remix Kitten). Released as FBI advisory MAR-10303705 the same day Treasury sanctioned the front company and 45 associated individuals.
- family
- Rana toolset
- first seen
- Sep 16, 2020
- publisher
- FBI