← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
New PoSeidon / FindPOS incidents
WHITE Poseidon Group AlienVault 2017-07-10 Modified: 2017-07-24
8
IOCs
LOW VOLUME
New campaign involving PoSeidon / FindPOS point of sale malware
pospoint of salesPoSeidonFindPOSriskanalytics
Indicators of Compromise (8)
All FileHash-SHA256 domain URL FileHash-SHA1
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 68521da210355338de1cf2e2c6936a02a5d4dd00daad5da1265823e7074a2ede 2017-07-10
FileHash-SHA256 1b7f205b663af9a6eb44f18555bdaad86e0fa58f3a9e4aced3e2ae1e3ed472b5 2017-07-10
domain drysetfirst.com 2017-07-10
domain nathatrabdint.com 2017-07-10
URL http://nathatrabdint.com/gupar/viewtopic.php 2017-07-10
FileHash-SHA1 169fcafd6f04e3f0179483e10281bcfbbbedf773 2017-07-10
URL http://185.17.120.175/ldl01/files/POSNumBot_baked.exe 2017-07-24
FileHash-SHA256 49cd85dd010f83588fb60d1e60684877a515f363267cce5d5f0d0507a78392cd 2017-07-24
References (2)
↗ https://www.riskanalytics.com/blog/post.php?s=2017-07-07-coming-to-a-break-room-near-you-point-of-sale-malware ↗ https://vallejo.cc/2017/07/12/analysis-of-poseidon-downloader-an