← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Government Sector Cyber Threat Intel - Key Insights (March 2022)
WHITE Informational SVThreatIntel 2022-04-07 Modified: 2022-05-07
129
IOCs
HIGH VOLUME
In March, a Transparent Tribe campaign was found targeting the Indian government and military entities. The attacker was infecting victims with CrimsonRAT along with new stagers and implants. Further, the attackers created fake domains mimicking legitimate military and defense organizations. Other Major Incidents Cybercriminals identified as Curious Gorge, Ghostwriter APT, and COLDRIVER were targeting NATO and Eastern European countries by launching phishing and malware attacks. Mustang Panda, UNC1151, and SCARAB were using war-related themes to target mostly Ukraine in a spear-phishing campaign. Hong Kong’s electoral office apologized after an employee failed to follow guidelines and sent the personal details of voters to a random email address.
dem0penadomainsdownloaderswhatsoevers3rnavy filenamesha256spear phishingcampaign rtfmshtmlpowershellcrimsonratGovernment Sector
Indicators of Compromise (129)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 341610a5a0cc430f99f9f9bd694b04a9 MD5 of c7dd490adb297b7f529950778b5a426e8068ea2df58be5d8fd49fe55b5331e28 2022-04-07
FileHash-SHA1 9b520d709cee6c57fbaba38f38a667b0b0691e86 SHA1 of c7dd490adb297b7f529950778b5a426e8068ea2df58be5d8fd49fe55b5331e28 2022-04-07
FileHash-SHA256 c7dd490adb297b7f529950778b5a426e8068ea2df58be5d8fd49fe55b5331e28 2022-04-07
URL http://dsoi.info/downloads/chrmeziIIa.exe 2022-04-07
domain dsoi.info 2022-04-07
URL http://directfileshare.net/DA-Updated.xls 2022-04-07
URL https://zoneflare.com/uipool.scr 2022-04-07
FileHash-MD5 039c162d7fcd8640b337173e323f94d8 MD5 of 84841490ea2b637494257e9fe23922e5f827190ae3e4c32134cadb81319ebc34 2022-04-07
FileHash-MD5 1a080ac310668e90e3b035cc3ee1a226 MD5 of 56f04a39103372acc0f5e9b01236059ab62ea3d5f8236280c112e473672332b1 2022-04-07
FileHash-MD5 1ee6d95284b64bdf5a8b44db68498ba1 MD5 of e3e9bbdaa4be7ad758b0716ee11ec67bf20646bce620a86c1f223fd2c8d43744 2022-04-07
FileHash-MD5 2a189ad9398044ecf0087abc4d331910 MD5 of 5c341d34827c361ba2034cb03dea665a873016574f3b4ff9d208a9760f61b552 2022-04-07
FileHash-MD5 3365d7f306693a4466ed8ff6546fceb7 MD5 of dd23162785ed4e42fc1abed4addcab2219f45c802cccd35b2329606d81f2db71 2022-04-07
FileHash-MD5 47285fad72b725671074d9beeebc8bcd MD5 of 1ba7cf0050343faf845553556b5516d96c7c79f9f39899839c1ca9149cf2d838 2022-04-07
FileHash-MD5 49e8853801554d9de4dd281828094c8a MD5 of 85fa43c3f84b31fbe34bf078af5a614612d32282d7b14523610a13944aadaacb 2022-04-07
FileHash-MD5 4d499b6d7b4106c52e650607cd9e25e7 MD5 of 9d4640bde3daf44cc4258eb5f294ca478306aa5268c7d314fc5019cf783041f0 2022-04-07
FileHash-MD5 529ba5d2c599a72bb56a4b66214af1ae MD5 of a0f6963845d7aeae328048da66059059fdbcb6cc30712fd10a34018caf0bd28a 2022-04-07
FileHash-MD5 56302037bdffd6bf5a0d06bfc71de559 MD5 of 67ad0b41255eca1bba7b0dc6c7bd5bd1d5d74640f65d7a290a8d18fba1372918 2022-04-07
FileHash-MD5 5cbcc3485f4286098b3a111ceec8ce54 MD5 of d2113b820db894f08c47aa905b6f643b1e6f38cce7adf7bf7b14d8308c3eaf6e 2022-04-07
FileHash-MD5 68d73d596a7103e517967f7f4e22cecb MD5 of 99e6e510722068031777c6470d06e31e020451aa86b3db995755d1af49cc5f9e 2022-04-07
FileHash-MD5 9dadf9ce41994f869e8c35e1917b8238 MD5 of b3bc8f9353558b7a07293e13dddb104ed6c3f9e5e9ce2d4b7fd8f47b0e3cc3a5 2022-04-07
FileHash-MD5 ae20da9a88c7624a6b3f81a20bc8065c MD5 of 124023c0cf0524a73dabd6e5bb3f7d61d42dfd3867d699c59770846aae1231ce 2022-04-07
FileHash-MD5 b03e0568a5f26addc51c8a3e32baeb7f MD5 of 5911f5bd310e943774a0ca7ceb308d4e03c33829bcc02a5e7bdedfeb8c18f515 2022-04-07
FileHash-MD5 b579c4a8dd622af458463ac3c76412ca MD5 of 4d14df9d5fa637dae03b08dda8fe6de909326d2a1d57221d73ab3938dfe69498 2022-04-07
FileHash-MD5 c08e1509f379755df710d5a8fd4ff175 MD5 of aadaa8d23cc2e49f9f3624038566c3ebb38f5d955b031d47b79dcfc94864ce40 2022-04-07
FileHash-MD5 cd701c7bbec38a22903205b2c68780d0 MD5 of 5e645eb1a828cef61f70ecbd651dba5433e250b4724e1408702ac13d2b6ab836 2022-04-07
FileHash-MD5 d9481ffdea223ab650226f09cbcd0929 MD5 of c828bccfc34f16983f624f00d45e54335804b77dd199139b80841ad63b42c1f3 2022-04-07
FileHash-MD5 e389c230bf9e0839a8977bf1f7fc59cd MD5 of d9037f637566d20416c37bad76416328920997f22ffec9340610f2ea871522d8 2022-04-07
FileHash-SHA1 1beb7a7defd977f4b52543ee73dc884abc851088 SHA1 of c828bccfc34f16983f624f00d45e54335804b77dd199139b80841ad63b42c1f3 2022-04-07
FileHash-SHA1 1d7ac30556f52d2055d722d30bfd8c56e4b8a3c7 SHA1 of 1ba7cf0050343faf845553556b5516d96c7c79f9f39899839c1ca9149cf2d838 2022-04-07
FileHash-SHA1 226781c376d6b4bdb8935dc98f645744da41ef68 SHA1 of e3e9bbdaa4be7ad758b0716ee11ec67bf20646bce620a86c1f223fd2c8d43744 2022-04-07
FileHash-SHA1 34d3412727fa1053661e0b17632eba3c160e77bc SHA1 of 124023c0cf0524a73dabd6e5bb3f7d61d42dfd3867d699c59770846aae1231ce 2022-04-07
FileHash-SHA1 37dfea2d3e123ad91a8782debccb8f5c923b1a37 SHA1 of 99e6e510722068031777c6470d06e31e020451aa86b3db995755d1af49cc5f9e 2022-04-07
FileHash-SHA1 3fb5698451b5eec15f1fafb3cc62010f37effc93 SHA1 of 4d14df9d5fa637dae03b08dda8fe6de909326d2a1d57221d73ab3938dfe69498 2022-04-07
FileHash-SHA1 42e7a5d2050a28cd4769c128c5242aa157e54f7e SHA1 of 5c341d34827c361ba2034cb03dea665a873016574f3b4ff9d208a9760f61b552 2022-04-07
FileHash-SHA1 435b31eab4fb35e5775476a6a791b65cc1ccc6c8 SHA1 of 85fa43c3f84b31fbe34bf078af5a614612d32282d7b14523610a13944aadaacb 2022-04-07
FileHash-SHA1 453ce4cea005c21f44cf6265c2da9a12244a642c SHA1 of 84841490ea2b637494257e9fe23922e5f827190ae3e4c32134cadb81319ebc34 2022-04-07
FileHash-SHA1 4c5d43a71a24f4aa60f28613f2e26845418f4304 SHA1 of aadaa8d23cc2e49f9f3624038566c3ebb38f5d955b031d47b79dcfc94864ce40 2022-04-07
FileHash-SHA1 5eeac7126851ed056aa28ee16ea786d7a50a7908 SHA1 of dd23162785ed4e42fc1abed4addcab2219f45c802cccd35b2329606d81f2db71 2022-04-07
FileHash-SHA1 61dbf74fcccefb4240a1217343ae44711a22ff1e SHA1 of 9d4640bde3daf44cc4258eb5f294ca478306aa5268c7d314fc5019cf783041f0 2022-04-07
FileHash-SHA1 6745da8789f2c11868579235711774f5d642dff4 SHA1 of b3bc8f9353558b7a07293e13dddb104ed6c3f9e5e9ce2d4b7fd8f47b0e3cc3a5 2022-04-07
FileHash-SHA1 8a366f20839ce1feac7838a471a2ca0161eabf6a SHA1 of 67ad0b41255eca1bba7b0dc6c7bd5bd1d5d74640f65d7a290a8d18fba1372918 2022-04-07
FileHash-SHA1 a6bfe60170efd697ccca1e2e2dd7c6990e0bb90e SHA1 of a0f6963845d7aeae328048da66059059fdbcb6cc30712fd10a34018caf0bd28a 2022-04-07
FileHash-SHA1 b5e85e45245c2b879f0ecc0559558df7bda791e5 SHA1 of 5e645eb1a828cef61f70ecbd651dba5433e250b4724e1408702ac13d2b6ab836 2022-04-07
FileHash-SHA1 c65bb0e553dcc2ee68f24a862766cf1a813f0e0f SHA1 of d2113b820db894f08c47aa905b6f643b1e6f38cce7adf7bf7b14d8308c3eaf6e 2022-04-07
FileHash-SHA1 ce63baf8253e3e1f4f1699d3f379a3d655c155c9 SHA1 of 5911f5bd310e943774a0ca7ceb308d4e03c33829bcc02a5e7bdedfeb8c18f515 2022-04-07
FileHash-SHA1 e6144b432cbc7209d3ef69d5b409440d6d4078b6 SHA1 of 56f04a39103372acc0f5e9b01236059ab62ea3d5f8236280c112e473672332b1 2022-04-07
FileHash-SHA1 e824d669d2d3086dc76e040c2649a82daa6f0601 SHA1 of d9037f637566d20416c37bad76416328920997f22ffec9340610f2ea871522d8 2022-04-07
FileHash-SHA256 011bcca8feebaed8a2aa0297051dfd59595c4c4e1ee001b11d8fc3d97395cc5c 2022-04-07
FileHash-SHA256 08603759173157c2e563973890da60ab5dd758a02480477e5286fccef72ef1a2 2022-04-07
FileHash-SHA256 0d3f5ca81f62b8a68647a4bcc1c5777d3e865168ebb365cab4b452766efc5633 2022-04-07
FileHash-SHA256 124023c0cf0524a73dabd6e5bb3f7d61d42dfd3867d699c59770846aae1231ce 2022-04-07
FileHash-SHA256 15b90d869b4bcc3cc4b886abbf61134e408088fdfbf48e9ab5598a4c80f6f4d8 2022-04-07
FileHash-SHA256 1ba7cf0050343faf845553556b5516d96c7c79f9f39899839c1ca9149cf2d838 2022-04-07
FileHash-SHA256 2043e8b280ae016a983ecaea8e2d368f27a31fd90076cdca9cef163d685e1c83 2022-04-07
FileHash-SHA256 2b32aa56da0f309a6cd5d8cd8b3e125cb1b445b6400c3b22cf42969748557228 2022-04-07
FileHash-SHA256 2bb2a640376a52b1dc9c2b7560a027f07829ae9c5398506dc506063a3e334c3a 2022-04-07
FileHash-SHA256 2ca028a2d7ae7ea0c55a1eeccd08a9386f595c66b7a0c6099c0e0d7c0ad8b6b8 2022-04-07
FileHash-SHA256 38f2b578a9da463f555614e9ca9036337dad0af4e03d89faf09b4227f035db20 2022-04-07
FileHash-SHA256 4162eaeb5826f3f337859996fc7f22442dd9b47f8d4c7cf4f942f666b1016661 2022-04-07
FileHash-SHA256 4d14df9d5fa637dae03b08dda8fe6de909326d2a1d57221d73ab3938dfe69498 2022-04-07
FileHash-SHA256 4e1304f4589a706c60f1f367d804afecd3e08b08b7d5e6bd8c93384f0917385c 2022-04-07
FileHash-SHA256 56f04a39103372acc0f5e9b01236059ab62ea3d5f8236280c112e473672332b1 2022-04-07
FileHash-SHA256 5911f5bd310e943774a0ca7ceb308d4e03c33829bcc02a5e7bdedfeb8c18f515 2022-04-07
FileHash-SHA256 5c341d34827c361ba2034cb03dea665a873016574f3b4ff9d208a9760f61b552 2022-04-07
FileHash-SHA256 5e645eb1a828cef61f70ecbd651dba5433e250b4724e1408702ac13d2b6ab836 2022-04-07
FileHash-SHA256 67ad0b41255eca1bba7b0dc6c7bd5bd1d5d74640f65d7a290a8d18fba1372918 2022-04-07
FileHash-SHA256 84841490ea2b637494257e9fe23922e5f827190ae3e4c32134cadb81319ebc34 2022-04-07
FileHash-SHA256 85fa43c3f84b31fbe34bf078af5a614612d32282d7b14523610a13944aadaacb 2022-04-07
FileHash-SHA256 892a753f31dadf1c6e75f1b72ccef58d29454b9f4d28d73cf7e20d137ce6dd8d 2022-04-07
FileHash-SHA256 99e6e510722068031777c6470d06e31e020451aa86b3db995755d1af49cc5f9e 2022-04-07
FileHash-SHA256 9d4640bde3daf44cc4258eb5f294ca478306aa5268c7d314fc5019cf783041f0 2022-04-07
FileHash-SHA256 9d4e6da67d1b54178343e6607aa459fd4d711ce372de00a00ae5d81d12aa44be 2022-04-07
FileHash-SHA256 a0964a46212d50dbbbbd516a8a75c4764e33842e8764d420abe085d0552b5822 2022-04-07
FileHash-SHA256 a0f6963845d7aeae328048da66059059fdbcb6cc30712fd10a34018caf0bd28a 2022-04-07
FileHash-SHA256 aadaa8d23cc2e49f9f3624038566c3ebb38f5d955b031d47b79dcfc94864ce40 2022-04-07
FileHash-SHA256 adaf7b3a432438a04d09c718ffddc0a083a459686fd08f3955014e6cf3abeec1 2022-04-07
FileHash-SHA256 adc8e40ecb2833fd39d856aa8d05669ac4815b02acd1861f2693de5400e34f72 2022-04-07
FileHash-SHA256 b0ecab678b02fa93cf07cef6e2714698d38329931e5d6598b98ce6ee4468c7df 2022-04-07
FileHash-SHA256 b19af42ff8cf0f68e520a88f40ffd76f53a27dffa33b313fe22192813d383e1e 2022-04-07
FileHash-SHA256 b3bc8f9353558b7a07293e13dddb104ed6c3f9e5e9ce2d4b7fd8f47b0e3cc3a5 2022-04-07
FileHash-SHA256 b9fea0edde271f3bf31135bdf1a36e58570b20ef4661f1ab19858a870f4119ba 2022-04-07
FileHash-SHA256 c828bccfc34f16983f624f00d45e54335804b77dd199139b80841ad63b42c1f3 2022-04-07
FileHash-SHA256 d2113b820db894f08c47aa905b6f643b1e6f38cce7adf7bf7b14d8308c3eaf6e 2022-04-07
FileHash-SHA256 d4eaf26969848d8027df7c8c638754f55437c0937fbf97d0d24cd20dd92ca66d 2022-04-07
FileHash-SHA256 d9037f637566d20416c37bad76416328920997f22ffec9340610f2ea871522d8 2022-04-07
FileHash-SHA256 dc1a5e76f486268ca8b7f646505e73541e1dc8578a95593f198f93c9cd8a5c8d 2022-04-07
FileHash-SHA256 dd23162785ed4e42fc1abed4addcab2219f45c802cccd35b2329606d81f2db71 2022-04-07
FileHash-SHA256 e3e9bbdaa4be7ad758b0716ee11ec67bf20646bce620a86c1f223fd2c8d43744 2022-04-07
FileHash-SHA256 f66c2e249931b4dfab9b79beb69b84b5c7c4a4e885da458bc10759c11a97108f 2022-04-07
URL http://directfileshare.net/dd/m.exe 4d14df9d5fa637dae03b08dda8fe6de909326d2a1d57221d73ab3938dfe69498 2022-04-07
URL http://dost.igov-service.net:8443 2022-04-07
URL http://download.kavach-app.in/Kavach.msi 2022-04-07
URL http://iwestcloud.com/Pick@Whatsoever/Qu33nRocQCl!mbing.php 2022-04-07
URL http://iwestcloud.com/Pick@Whatsoever/S3r&eryvUed.php 2022-04-07
URL http://wallpaper.skin/office/updates/GtkjdsjkyLkjhsTYhdsd/exploit.html 2022-04-07
URL http://wallpaper.skin/office/updates/GtkjdsjkyLkjhsTYhdsd/putty.exe 2022-04-07
URL http://wikipedia-book.vote/async/newtab_ogb 2022-04-07
URL http://zoneflare.com/C2L!Dem0&PeN/A@llPack3Ts/Cert.php 2022-04-07
URL http://zoneflare.com/C2L!Dem0&PeN/A@llPack3Ts/Cor2PoRJSet!On.php 2022-04-07
URL http://zoneflare.com/C2L!Dem0&PeN/A@llPack3Ts/Dev3l2Nmpo7nt.php 2022-04-07
URL http://zoneflare.com/C2L!Dem0&PeN/A@llPack3Ts/f3dlPr00f.php 2022-04-07
URL http://zoneflare.com/C2L!Dem0&PeN/A@llPack3Ts/xwunThedic@t6.php 2022-04-07
URL http://zoneflare.com/R!bB0nBr3@k3r/FunBreaker.php 2022-04-07
URL http://zoneflare.com/R!bB0nBr3@k3r/tallerthanhills.php 2022-04-07
URL http://zoneflare.com/R!bB0nBr3@k3r/zoneblue/mscontainer.dll 2022-04-07
URL https://kavach-app.in/auth/ver4.mp3 2022-04-07
URL https://secure256.net/pdf/ServicedetailforDARevision.pdf f682d94621d234a1953c539aa94780f65a9374148f2c404e3e418553a0c129e4 2022-04-07
URL https://secure256.net/ver4.mp3 6a8d568ad81f63eed5b8c4a0719c71e2638a38290f645fac3fa454ac51fd8f2f 2022-04-07
domain digital-ministry.ru 2022-04-07
domain directfileshare.net 2022-04-07
domain drive-share.live 2022-04-07
domain iwestcloud.com 2022-04-07
domain kavach-app.in 2022-04-07
domain login-verification.top 2022-04-07
domain login-verify.top 2022-04-07
domain otbmail.com 2022-04-07
domain protect-link.online 2022-04-07
domain protection-office.live 2022-04-07
domain proton-viewer.com 2022-04-07
domain secure-ua.space 2022-04-07
domain secure-ua.top 2022-04-07
domain secure256.net 2022-04-07
domain swordoke.com 2022-04-07
domain ua-login.top 2022-04-07
domain wallpaper.skin 2022-04-07
domain wikipedia-book.vote 2022-04-07
domain zoneflare.com 2022-04-07
hostname dost.igov-service.net 2022-04-07
hostname download.kavach-app.in 2022-04-07