← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Popping Eagle: How Global Analytics Uncovered a Stealthy Threat Actor
WHITE CyberHunter_NL 2022-06-03 Modified: 2022-07-03
7
IOCs
LOW VOLUME
barcocortex xdreagleprotectioniocspopopalo altonetworkspopping eaglerelated iocsdllswildfiremalwarenotpetyakerangerpsexecagentexecutionpython
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Barco
Indicators of Compromise (7)
All FileHash-SHA256 YARA domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 0dc8f17b053d9bfab45aed21340a1f85325f79e0925caf21b9eaf9fbdc34a47a 2022-06-03
FileHash-SHA256 59d12f26cbc3e49e28be13f0306f5a9b1a9fd62909df706e58768d2f0ccca189 2022-06-03
FileHash-SHA256 95676c8eeaab93396597e05bb4df3ff8cc5780ad166e4ee54484387b97f381df 2022-06-03
FileHash-SHA256 e5e89d8db12c7dacddff5c2a76b1f3b52c955c2e86af8f0b3e36c8a5d954b5e8 2022-06-03
YARA 4c9f59bafba49c8dda245fb992418c66a9427691 potentially unwanted GO application with proxy communication capabilities 2022-06-03
domain dnszonetransfer.com 2022-06-03
domain reporterror.net 2022-06-03
References (1)
↗ https://unit42.paloaltonetworks.com/popping-eagle-malware