← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Cobalt Strike targeting Ukranian Telecoms
WHITE AlienVault 2018-10-23 Modified: 2019-07-19
232
IOCs
HIGH VOLUME
A large set of infrastructure
ukraine
Indicators of Compromise (115 / 232 total)
All URL hostname FileHash-SHA256 domain
TYPEINDICATORDESCRIPTIONCREATED
URL http://ads1-msn.net/ 2018-10-23
URL http://ads1-msn.net/rss.php 2018-10-23
URL http://24tv.agency/ 2018-10-23
URL http://a-msedge.org/ 2018-10-23
URL http://ads1-msn.com/ 2018-10-23
URL https://apostrophe-news.biz/ 2018-10-23
URL http://appex-bing.org/ 2018-10-23
URL https://appex-bing.org/ 2018-10-23
URL http://bigmir.email/ 2018-10-23
URL http://censornews.org/ 2018-10-23
URL http://cdn-onenote.net/ 2018-10-23
URL http://cdn-onenote.net/doc/microsoft.php2 2018-10-23
URL https://compatexchange-cloudapp.com/ 2018-10-23
URL https://corpext-datamart.net/ 2018-10-23
URL http://diagnostics-support-microsoft.net/ 2018-10-23
URL https://diagnostics-support-microsoft.net/ 2018-10-23
URL http://cnn-metanews.biz/ 2018-10-23
URL http://eizvestia-news.org/ 2018-10-23
URL http://espreso.today/ 2018-10-23
URL https://feedback-google.org/ 2018-10-23
URL http://feedback-google.net/ 2018-10-23
URL https://feedback-google.net/ 2018-10-23
URL http://feedback-windows.com/ 2018-10-23
URL https://feedback-windows.com/ 2018-10-23
URL http://foxnewsmeta.biz/ 2018-10-23
URL http://feedback-windows.org 2018-10-23
URL http://fwdcdn.org/ 2018-10-23
URL http://gateway-telemetry.org/ 2018-10-23
URL https://gateway-telemetry.org/ 2018-10-23
URL https://gazetaua-news.org/ 2018-10-23
URL http://gismeteo.city/ 2018-10-23
URL http://interfax-globalnews.com/ 2018-10-23
URL http://ipv4-microsoft.org/ 2018-10-23
URL https://ipv4-microsoft.org/ 2018-10-23
URL http://win10.ipv6-microsoft.org/ 2018-10-23
URL https://ipv6-microsoft.org/ 2018-10-23
URL http://ipv6-google.net/ 2018-10-23
URL https://kyivstar-ip.com/ 2018-10-23
URL http://ipv6-google.org/ 2018-10-23
URL https://ipv6-google.org/ 2018-10-23
URL http://microsoft-com-nsatc.org/ 2018-10-23
URL https://microsoft-nsatc.org/ 2018-10-23
URL http://ms-akadns.com/ 2018-10-23
URL https://ms-akadns.com/ 2018-10-23
URL http://ms-akadns.org/ 2018-10-23
URL https://ms-akadns.org/ 2018-10-23
URL http://news-liga.net/ 2018-10-23
URL http://newska-uanews.biz/ 2018-10-23
URL http://ns0-ukrpack.net/ 2018-10-23
URL http://nod-update.org/ 2018-10-23
URL http://ns0-volia.net/ 2018-10-23
URL https://ns0-volia.net/ 2018-10-23
URL http://ns1-datagroup.com/ 2018-10-23
URL https://ns1-datagroup.com/ 2018-10-23
URL http://ns1-volia.net/ 2018-10-23
URL https://ns1-volia.net/ 2018-10-23
URL http://ns2-datagroup.com/ 2018-10-23
URL https://ns2-datagroup.com/ 2018-10-23
URL http://ns2-ukrtel.com/ 2018-10-23
URL https://ns2-ukrtel.com/ 2018-10-23
URL http://obozrevatel-news.com/ 2018-10-23
URL http://paypal-com1.com/ 2018-10-23
URL https://paypal-com1.com/ 2018-10-23
URL http://officeclient-microsoft.com/ 2018-10-23
URL http://paypal-com2.com/ 2018-10-23
URL https://paypal-com2.com/ 2018-10-23
URL http://pppoe-kyivstar.com/ 2018-10-23
URL https://pppoe-kyivstar.com/ 2018-10-23
URL http://pppoe-ukrtel.com/ 2018-10-23
URL https://pppoe-ukrtel.com/ 2018-10-23
URL http://preview-msn.org/ 2018-10-23
URL http://redir-metaservices.org/ 2018-10-23
URL http://reports-telemetry-microsoft.com/ 2018-10-23
URL http://reports-telemetry-microsoft.com/rss. 2018-10-23
URL http://reports-telemetry-microsoft.com/rss.php 2018-10-23
URL http://rian-ua.org/ 2018-10-23
URL http://sandbox-cloudapp.com/ 2018-10-23
URL http://search-msn.net/ 2018-10-23
URL https://search-msn.org/ 2018-10-23
URL http://secure-telemetry.net/ 2018-10-23
URL http://secure-telemetry.org/ 2018-10-23
URL https://secure-telemetry.org/ 2018-10-23
URL http://sandbox-cloudapp.org/ 2018-10-23
URL https://sandbox-cloudapp.org/ 2018-10-23
URL http://segodnya-news.org/ 2018-10-23
URL https://services-glbdns2.com/ 2018-10-23
URL http://services-glbdns2.org/ 2018-10-23
URL https://services-glbdns2.org/ 2018-10-23
URL https://services-google.org/ 2018-10-23
URL http://serving-sys-windows.net/ 2018-10-23
URL https://serving-sys-windows.net/ 2018-10-23
URL https://social-msn.net/ 2018-10-23
URL http://ssw-live.org/ 2018-10-23
URL http://support-cloudapp.net/ 2018-10-23
URL http://support-microsoft.biz/ 2018-10-23
URL http://survey-microsoft.net/ 2018-10-23
URL https://survey-microsoft.net/ 2018-10-23
URL http://telecommand-microsoft.net/ 2018-10-23
URL http://telecommand-microsoft.net/o86ofnnsskopnaic8thcfgkroqid8sdlnz4rtoha3uga91ednridpgqgmob_fbu1mcz5xs3_un6bcxoquj1s3fuogh5znq4fmgqryeb3obz4pbh2xirb34zu3/ 2018-10-23
URL https://telecommand-microsoft.net/ 2018-10-23
URL http://uatimes-meta.biz/ 2018-10-23
URL http://ubr-news.org/ 2018-10-23
URL https://ui-skype.net/ 2018-10-23
URL http://unian-search.com/ 2018-10-23
URL http://win-msecnd.com/ 2018-10-23
URL http://win-msecnd.org/ 2018-10-23
URL http://aaae.91.4035.l.reports.urs-microsoft.net/ 2018-10-23
URL http://reports.urs-microsoft.net/ 2018-10-23
URL http://toor.reports.urs-microsoft.net/ 2018-10-23
URL http://urs-microsoft.net/ 2018-10-23
URL https://toor.reports.urs-microsoft.net/ 2018-10-23
URL http://win10-telemetry.net/ 2018-10-23
URL http://statototalitario.com/stub/index.php 2018-10-23
URL http://t.4fhd23svjigogr2lm6e4nhsvs72pcwhnuj3ou6kfjzinvssogxhrlrk55urnlk.ri7odejku2d7kz4mz2mhfdcjijlff77xeu5zq6f3j2amoqonzcsi6johaujmrq.wszrcu6g75n57hkwg2f63gvtbrslfc5567t2taz7o3e.29.2546.y.reports.urs-microsoft.net/ 2018-10-23
URL http://cache-windows.org/rss.php 2019-07-10
References (1)
↗ https://docs.google.com/document/d/1oYX3uN6KxIX_StzTH0s0yFNNoHDnV8VgmVqU5WoeErc/edit#