PULSE NAME
Earth Baku: An APT Group Targeting Indo-Pacific Countries With New Stealth Loaders and Backdoor
WHITE APT41 AlienVault 2021-09-10 Modified: 2024-08-16
76 IOCs (high volume)
An APT group known as Earth Baku has updated its arsenal of malware tools to target companies in the Indo-Pacific region. Earth Baku, a cyberespionage and cybercriminal group, was charged by the US Department of Justice in August 2020 with computer intrusion offenses related to data theft, ransomware, and cryptocurrency mining attacks.
Indicators of Compromise (30 / 76 total)