IOCs.txt

References:
https://twitter.com/ESETresearch/status/1496581903205511181
https://www.sentinelone.com/labs/hermetic-wiper-ukraine-under-attack/

IOCS:
conhosts.exe
MD5     3f4a16b29f2f0532b7ce3e7656799125
SHA-1   61b25d11392172e587d8da3045812a66c3385451
SHA-256 1bc44eef75779e3ca1eefb8ff5a64807dbc942b1e4a2672d77b9f6928d292591

client.exe
MD5     d5d2c4ac6c724cd63b69ca054713e278
SHA-1   f32d791ec9e6385a91b45942c230f52aff1626df
SHA-256 4dc13bb83a16d4ff9865a51b3e4d24112327c526c1392e14d56f20d6f4eaf382

Win32/KillDisk.NCV
MD5     84ba0197920fd3e2b7dfa719fee09d2f
SHA-1   912342f1c840a42f6b74132f8a7c4ffe7d40fb77
SHA-256 0385eeab00e946a302b24a91dea4187c1210597b8e17cd9e2230450f5ece21da

MD5	decc2726599edcae8d1d1d0ca99d83a6
SHA-1	0d8cc992f279ec45e8b8dfd05a700ff1f0437f29
SHA-256 3c557727953a8f6b4788984464fb77741b821991acbf5e746aebdd02615b1767

MD5	382fc1a3c5225fceb672eea13f572a38
SHA-1	d9a3596af0463797df4ff25b7999184946e3bfa2
SHA-256 2c10b2ec0b995b88c27d141d6f7b14d6b8177c52818687e4ff8e6ecf53adf5bf

MD5	6106653b08f4f72eeaa7f099e7c408a4
SHA-1	0e84aff18d42fc691cb1104018f44403c325ad21
SHA-256	96b77284744f8761c4f2558388e0aee2140618b484ff53fa8b222b340d2a9c84

RCDATA_DRV_X64
MD5     a952e288a1ead66490b3275a807f52e5
SHA-1   5ceebaf1cbb0c10b95f7edd458804a646c6f215e
SHA-256 e5f3ef69a534260e899a36cec459440dc572388defd8f1d98760d31c700f42d5

RCDATA_DRV_X86
MD5     231b3385ac17e41c5bb1b1fcb59599c4
SHA-1   0231721ef4e4519ec776ff7d1f25c937545ce9f4
SHA-256 b01e0c6ac0b8bcde145ab7b68cf246deea9402fa7ea3aede7105f7051fe240c1

RCDATA_DRV_XP_X64
MD5     095a1678021b034903c85dd5acb447ad
SHA-1   9c2e465e8dfdfc1c0c472e0a34a7614d796294af
SHA-256 b6f2e008967c5527337448d768f2332d14b92de22a1279fd4d91000bb3d4a0fd

RCDATA_DRV_XP_X86
MD5     eb845b7a16ed82bd248e395d9852f467
SHA-1   ee764632adedf6bb4cf4075a20b4f6a79b8f94c0
SHA-256 fd7eacc2f87aceac865b0aa97a50503d44b799f27737e009f91f3c281233c17d