Bitter APT adds Bangladesh to their targets
WHITE Bitter AlienVault 2022-05-12 Modified: 2022-05-12
80 IOCs (HIGH VOLUME)
Cisco Talos discovered a campaign, ongoing since August 2021, operated by what they believe is the Bitter APT group. This campaign is a typical example of the actor targeting South Asian government entities.
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
Bitter RAT, Artra Downloader, SlideRAT, AndroRAT
Indicators of Compromise (31 / 80 total)