Pulse name: FIN7 Recent Bateleur Malware Campaigns
WHITE FIN7 AlienVault 2018-08-07 Modified: 2018-11-22
23 IOCs
MEDIUM VOLUME
While much reporting indicates that APT cyberattacks are espionage-motivated, financially motivated cybercriminals have also been stepping up their game since as early as 2013. Using TTPs akin to those of their espionage counterparts, groups such as Cobalt Group and FIN7 have been targeting large financial institutions and restaurant chains with much success. The Cobalt Group alone is said to be responsible for 1 billion euros (US$1.17 billion) worth of damage to the financial sector.
Indicators of Compromise (23)