From f77db67203575fc16ca78dcf8bc2373142da59ee Mon Sep 17 00:00:00 2001
From: Florian Roth <florian.roth@bsk-consulting.de>
Date: Tue, 1 May 2018 21:18:33 +0200
Subject: [PATCH] Malicious sample filename IOCs

---
 iocs/filename-iocs.txt | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/iocs/filename-iocs.txt b/iocs/filename-iocs.txt
index 6493992..cd3ace3 100644
--- a/iocs/filename-iocs.txt
+++ b/iocs/filename-iocs.txt
@@ -2993,4 +2993,9 @@ ystem32\\Microsoft\\Protect\\Windows\\svchost.exe;80
 \\Windows\\inf\\digirps\.PNF;65
 \\Windows\\inf\\e11\.PNF;65
 
+# Malicious sample https://app.any.run/tasks/b8f0a5d3-343f-47e2-b287-abbba9174d2a
+\\AppData\\Local\\Temp\\HelperNT\.txt;80
+\\AppData\\Local\\Temp\\HelperNT\.cab;80
+\\AppData\\Local\\Temp\\Gameover\.php;100
+
 # End