IBM analysts recently unveiled a first look at how threat actors may have placed Shamoon2 malware on systems in Saudi Arabia. While researching elements in the IBM report, ASERT discovered additional malicious domains, IP addresses, and artifacts that matched preciously disclosed elements of Shamoon2.