As reported by Catalin Cimpanu, some of the tools used by the OilRig attack group have been leaked by a persona using the pseudonym “Lab Dookhtegan”. You can read the full article at the link here.
I have uploaded the full leak and tools as published on the Lab Dookhtegan Telegram channel, and they can be downloaded here.
Please make sure you take proper security precautions, such as using a sandbox and an isolated environment. The origin of the leaked files is unknown and was not inspected.
This file was uploaded for research and defense purposes only.
If you are creating any signatures, such as YARA and Snort, please share them back with the community.