Pulse name: Buhtrap group uses zero‑day in latest espionage campaigns
WHITE BuhTrap AlienVault 2019-07-11 Modified: 2019-07-12
The Buhtrap group is well known for its targeting of financial institutions and businesses in Russia. However, since late 2015, we have witnessed an interesting change in its traditional targets. Once a purely criminal group perpetrating cybercrime for financial gain, it has expanded its toolset with malware used to conduct espionage in Eastern Europe and Central Asia.
Indicators of Compromise (6 / 32 total)