← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Iranian Threat Agent Greenbug Impersonates Israeli High-Tech and Cyber Security Companies
WHITE Greenbug AlienVault 2017-10-24 Modified: 2017-11-23
31
IOCs
MEDIUM VOLUME
Iranian Threat Agent Greenbug has been registering domains similar to those of Israeli High-Tech and Cyber Security Companies.
greenbugiranisrael
Indicators of Compromise (31)
All domain FileHash-SHA256 FileHash-MD5 URL
TYPEINDICATORDESCRIPTIONCREATED
domain allsecpackupdater.com 2017-10-24
domain arbescurity.com 2017-10-24
domain benyaminsecupdater.com 2017-10-24
domain biocatchsecurity.com 2017-10-24
domain corticasecurity.com 2017-10-24
domain covertixsecurity.com 2017-10-24
domain dnsupdater.com 2017-10-24
domain lbolbo.com 2017-10-24
domain mbsmbs.com 2017-10-24
domain ntpupdateserver.com 2017-10-24
domain oospoosp.com 2017-10-24
domain osposposp.com 2017-10-24
domain outbrainsecupdater.com 2017-10-24
domain securelogicupdater.com 2017-10-24
domain securepackupdater.com 2017-10-24
domain thetaraysecurityupdate.com 2017-10-24
domain winscripts.net 2017-10-24
domain winsecupdater.com 2017-10-24
domain wixwixwix.com 2017-10-24
domain ymaaz.com 2017-10-24
domain znazna.com 2017-10-24
FileHash-SHA256 3b0b85ea32cab82eaf4249c04c05bdfce5b6074ca076fedf87dbea6b28fab99d 2017-10-24
FileHash-MD5 179cb8839e9ee8e9e6665b0986bf7811 2017-10-24
FileHash-MD5 37d586727c1293d8a278b69d3f0c5c4b 2017-10-24
FileHash-MD5 82755bf7ad786d7bf8da00b6c19b6091 2017-10-24
FileHash-MD5 ad5120454218bb483e0b8467feb3a20f 2017-10-24
FileHash-MD5 c594b52ec8922a1e980a2ea31b1d1157 2017-10-24
FileHash-MD5 d30c4df6de21275ae69a4754fc2372ef 2017-10-24
FileHash-MD5 e0175eecf8d31a6f32da076d22ecbdff 2017-10-24
FileHash-MD5 f5ef3b060fb476253f9a7638f82940d9 2017-10-24
URL http://n.n.c.aed2ee30be564a5396f8.ntpupdateserver.com 2017-11-23
References (1)
↗ http://www.clearskysec.com/greenbug/