PULSE NAME
OceanLotus Old techniques, new backdoor
WHITE OceanLotus AlienVault 2018-03-13 Modified: 2018-03-13
74 IOCs
HIGH VOLUME
A prolific purveyor of malware, OceanLotus has its sights set on high-profile corporate and government targets in Southeast Asia, particularly in Vietnam, the Philippines, Laos, and Cambodia. The apparently well-resourced and determined group, often assumed to be Vietnamese, is known for integrating its custom-built creations with techniques long known to be successful.
Indicators of Compromise (74)