PULSE NAME
Buhtrap group uses zero‑day in latest espionage campaigns
WHITE BuhTrap AlienVault 2019-07-11 Modified: 2019-07-12
32 IOCs, medium volume
The Buhtrap group is well known for its targeting of financial institutions and businesses in Russia. However, since late 2015, we have witnessed an interesting change in its traditional targets. Once a purely criminal group perpetrating cybercrime for financial gain, it has expanded its toolset with malware used to conduct espionage in Eastern Europe and Central Asia.
Indicators of Compromise (6 / 32 total)