← Back to Pulse Feed
PULSE DETAIL
After first uncovering the OilRig group in May 2016, Unit 42 has continued to monitor, observe, and track their activities and evolution over time. Since then, OilRig has been heavily researched by the rest of the industry and has been given additional names such as APT34 and Helix Kitten.
Indicators of Compromise (15)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| URL | http://office365-management.com/updatejuly/template.rtf | — | 2019-04-30 | |
| hostname | ns1.msoffice-cdn.com | — | 2019-04-30 | |
| hostname | ns2.msoffice-cdn.com | — | 2019-04-30 | |
| hostname | ns2.office365-management.com | — | 2019-04-30 | |
| hostname | www.msoffice-cdn.com | — | 2019-04-30 | |
| hostname | ns1.office365-management.com | — | 2019-04-30 | |
| hostname | www.office365-management.com | — | 2019-04-30 | |
| FileHash-SHA256 | 2943e69e6c34232dee3236ced38d41d378784a317eeaf6b90482014210fcd459 | — | 2019-04-30 | |
| domain | office365-management.com | — | 2019-04-30 | |
| domain | msoffice-cdn.com | — | 2019-04-30 | |
| domain | myleftheart.com | — | 2019-04-30 | |
| FileHash-SHA256 | 5f42deb792d8d6f347c58ddbf634a673b3e870ed9977fdd88760e38088cd7336 | — | 2019-04-30 | |
| FileHash-SHA256 | 27e03b98ae0f6f2650f378e9292384f1350f95ee4f3ac009e0113a8d9e2e14ed | — | 2019-04-30 | |
| FileHash-SHA256 | 995ea68dcf27c4a2d482b3afadbd8da546d635d72f6b458557175e0cb98dd999 | — | 2019-04-30 | |
| FileHash-SHA256 | 0f20995d431abce885b8bd7dec1013cc1ef7c73886029c67df53101ea330436c | — | 2019-04-30 |