In February 2021, BelialDemon advertised a new malware-as-a-service (MaaS) called Matanbuchus Loader and charged an initial rental price of $2,500. Malware loaders are malicious software that typically drop or pull down second-stage malware from command-and-control (C2) infrastructure.
Indicators of Compromise (45)