Pulse Detail — Threat Intelligence

PULSE NAME

Anunak: APT against financial institutions

WHITE AlienVault 2014-12-22 Modified: 2017-08-23

IOCs

HIGH VOLUME

Indicators of Compromise (52)

All domain URL FileHash-MD5 CVE

TYPE	INDICATOR	DESCRIPTION	CREATED
domain	public-dns.us	—	2017-08-23
domain	financialnewsonline.pw	—	2017-08-23
domain	blizko.org	—	2017-08-23
domain	paradise-plaza.com	—	2017-08-23
domain	ddnservice10.ru	—	2017-08-23
domain	mind-finder.com	—	2017-08-23
domain	update-java.net	—	2017-08-23
domain	adguard.name	—	2017-08-23
domain	publics-dns.com	—	2017-08-23
domain	freemsk-dns.com	—	2017-08-23
domain	blizko.net	—	2017-08-23
domain	veslike.com	—	2017-08-23
domain	great-codes.com	—	2017-08-23
domain	zwgukemphizgnt.com	—	2017-08-23
domain	coral-trevel.com	—	2017-08-23
domain	worldnewsonline.pw	—	2017-08-23
domain	comixed.org	—	2017-08-23
domain	traider-pro.com	—	2017-08-23
domain	ddnservice11.ru	—	2017-08-23
URL	http://ddnservice11.ru/and/jopagate.php	—	2017-08-23
URL	http://ddnservice10.ru/and/jopagate.php	—	2017-08-23
URL	http://ZwGuKEMphiZgNT.com	—	2017-08-23
FileHash-MD5	de9f4cbb90c994522553ab40ac2d5409	—	2017-08-23
FileHash-MD5	4cf26f8e2f6864c4a8aaa7f92e54e801	—	2017-08-23
FileHash-MD5	a4b053d9ec7d5edb207c208bfbe396ec	—	2017-08-23
FileHash-MD5	ac5d3fc9da12255759a4a7e4eb3d63e7	—	2017-08-23
FileHash-MD5	934e1055b171df0d3e28be9831eb7770	—	2017-08-23
FileHash-MD5	5d1ae2391dfb02e573331b3946f0c314	—	2017-08-23
FileHash-MD5	8dd78371b2d178fb8c8a9b1012d7e985	—	2017-08-23
FileHash-MD5	e9fc0f53c7c0223de20f1776c53d3673	—	2017-08-23
FileHash-MD5	c687867e2c92448992c0fd00a2468752	—	2017-08-23
FileHash-MD5	9d718e86cacffa39edafbf9c1ebc9754	—	2017-08-23
FileHash-MD5	3dc8c4af51c8c367fbe7c7feef4f6744	—	2017-08-23
FileHash-MD5	17984eb3926bf99f0ccb367f4fba12e3	—	2017-08-23
FileHash-MD5	3e90bf845922cf1bf5305e6fdcc14e46	—	2017-08-23
FileHash-MD5	8fa296efaf87ff4d9179283d42372c52	—	2017-08-23
FileHash-MD5	09c8631c2ba74a92defb31040fe2c45a	—	2017-08-23
FileHash-MD5	a1979aa159e0c54212122fd8acb24383	—	2017-08-23
FileHash-MD5	cc294f8727addc5d363bb23e10be4af2	—	2017-08-23
FileHash-MD5	8646e3d8ffffe854d5f9145c0ab413f6	—	2017-08-23
FileHash-MD5	b63af72039e4fb2acd0440b03268b404	—	2017-08-23
FileHash-MD5	aa36ba9f4de5892f1dd427b7b2100b06	—	2017-08-23
FileHash-MD5	1f80a57a3b99eeb8016339991a27593f	—	2017-08-23
FileHash-MD5	fc6d9f538cdae19c8c3c662e890af979	—	2017-08-23
FileHash-MD5	d1de522652e129c37759158c14d48795	—	2017-08-23
FileHash-MD5	0ad4892ead67e65ec3dd4c978fce7d92	—	2017-08-23
FileHash-MD5	2b817bd8195dc7f56500f38a0c740cef	—	2017-08-23
FileHash-MD5	e464d4804d36fddf0287877d66d5037a	—	2017-08-23
FileHash-MD5	86bd7f72a495a22b22070c068b591df8	—	2017-08-23
FileHash-MD5	94666bca3fe81831a23f60c407840408	—	2017-08-23
CVE	CVE-2012-0158	—	2017-08-23
CVE	CVE-2012-2539	—	2017-08-23

References (1)

↗ pasted_text