Recently, we came across an email exploit attempt aimed at a European Point of Sale (POS) vendor. In this post we will show links to a recently publicized POS malware campaign and describe possible threat motivations behind this or other POS vendor exploitation campaigns.
Indicators of Compromise (50)