← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Operation Tejas: A dying elephant curled up in the Kunlun Mountains
Qi Anxin Threat Intelligence Center once published the article named "Operation Magichm: A Brief Talk on the Manlinghua Organization's CHM File Delivery and Follow-up Operations" in 2021 . In addition to the new attack methods and samples used in the latest attack in April, the linked article will also provide an overview of the recent phishing activities of the Maya Elephant (APT-Q-41) and the basics of the Diamondback (APT-Q-39) this year.
MITRE ATT&CK & Malware Families
Indicators of Compromise (75)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| domain | svc2mcxwave.net | — | 2022-06-08 | |
| CVE | CVE-2018-0798 | — | 2022-06-08 | |
| FileHash-MD5 | 058cff1c34118fe46a641286b4cdfc92 | — | 2022-06-08 | |
| FileHash-MD5 | 3268b2aeb16be4bb9b953257af74b805 | — | 2022-06-08 | |
| FileHash-MD5 | 4069d394ff1e55fa9dde2f81567d681e | — | 2022-06-08 | |
| FileHash-MD5 | 54ea5083ad67b15a249e07bb1a4fb3e0 | — | 2022-06-08 | |
| FileHash-MD5 | 5be886f7a6cbc23a0a00bdb2153f435b | — | 2022-06-08 | |
| FileHash-MD5 | 660a678cd7202475cf0d2c48b4b52bab | — | 2022-06-08 | |
| FileHash-MD5 | 6d6e144c182a0f0e43593e05dd990239 | — | 2022-06-08 | |
| FileHash-MD5 | 6e4b4eb701f3410ebfb5925db32b25dc | — | 2022-06-08 | |
| FileHash-MD5 | 71e1cfb5e5a515cea2c3537b78325abf | — | 2022-06-08 | |
| FileHash-MD5 | 9790ef74625b4f9b67bc64aa7eff0e4b | — | 2022-06-08 | |
| FileHash-MD5 | a16d12819fc03a3b9f0b63786f26a4c7 | — | 2022-06-08 | |
| FileHash-MD5 | a70cb6a15e03284d59c0ae4e33324448 | — | 2022-06-08 | |
| FileHash-MD5 | a9ed771d128a6ccf67097b6ecd136885 | — | 2022-06-08 | |
| FileHash-MD5 | ade9a4ee3acbb0e6b42fb57f118dbd6b | — | 2022-06-08 | |
| FileHash-MD5 | b63e9710cb67f4a649a83929ed9f0322 | — | 2022-06-08 | |
| FileHash-MD5 | c44567e2b4b3c92dc871159481894917 | — | 2022-06-08 | |
| FileHash-MD5 | c66a35a9c1778ab162e3718afbd8c3ac | — | 2022-06-08 | |
| FileHash-MD5 | dbf780ef27a421211c69698837986738 | — | 2022-06-08 | |
| FileHash-MD5 | dc269726626de55214f6f49f39ebc33a | — | 2022-06-08 | |
| FileHash-MD5 | f505ef12881fa57fcdd12ac59cf55fd8 | — | 2022-06-08 | |
| FileHash-MD5 | f69fa2d07e1ad0625af8a5ec44db327d | — | 2022-06-08 | |
| FileHash-MD5 | ff2905648780aea95f578d11def872c4 | — | 2022-06-08 | |
| FileHash-SHA1 | 485283048babbc5a2fdd49063ea1f15ed27437d6 | SHA1 of b63e9710cb67f4a649a83929ed9f0322 | 2022-06-08 | |
| FileHash-SHA1 | a0c4ee924cd2a57e1b62b722c3b89a05ffc74663 | SHA1 of 660a678cd7202475cf0d2c48b4b52bab | 2022-06-08 | |
| FileHash-SHA1 | b00c49638ec7eb0b3d265c54082128819366bb57 | SHA1 of 9790ef74625b4f9b67bc64aa7eff0e4b | 2022-06-08 | |
| FileHash-SHA1 | bcc9e35c28430264575831e851182eca7219116f | SHA1 of 71e1cfb5e5a515cea2c3537b78325abf | 2022-06-08 | |
| FileHash-SHA1 | c330ef43bbee001296c6c120cf68e4c90d078d9c | SHA1 of 6e4b4eb701f3410ebfb5925db32b25dc | 2022-06-08 | |
| FileHash-SHA1 | cdd9ef479aaa61e8916e2c8a047f341b053b97cd | SHA1 of ade9a4ee3acbb0e6b42fb57f118dbd6b | 2022-06-08 | |
| FileHash-SHA1 | ceb95d3cda3e389be72dd1546e9f730a544ce5a3 | SHA1 of 5be886f7a6cbc23a0a00bdb2153f435b | 2022-06-08 | |
| FileHash-SHA256 | 092ba0e23d1eb7ff11a8c317977b52534e6ae3e2458916382f3eeea5715a618b | SHA256 of b63e9710cb67f4a649a83929ed9f0322 | 2022-06-08 | |
| FileHash-SHA256 | 167bb1e45373a5b5878f3d9c1cb266fe7210da174026a47f66754d405ac36db8 | SHA256 of ade9a4ee3acbb0e6b42fb57f118dbd6b | 2022-06-08 | |
| FileHash-SHA256 | 55901c2d5489d6ac5a0671971d29a31f4cdfa2e03d56e18c1585d78547a26396 | SHA256 of 71e1cfb5e5a515cea2c3537b78325abf | 2022-06-08 | |
| FileHash-SHA256 | 82fb9681d8e7dfd83ae95852b1572e5a54f745a8b38c5d0e77717eb47e0fd034 | SHA256 of 9790ef74625b4f9b67bc64aa7eff0e4b | 2022-06-08 | |
| FileHash-SHA256 | 91ddbe011f1129c186849cd4c84cf7848f20f74bf512362b3283d1ad93be3e42 | SHA256 of 6e4b4eb701f3410ebfb5925db32b25dc | 2022-06-08 | |
| FileHash-SHA256 | d957239ba4d314e47de9748e77a229f4f969f55b3fcf54a096e7971c7f1bab7d | SHA256 of 660a678cd7202475cf0d2c48b4b52bab | 2022-06-08 | |
| FileHash-SHA256 | dbd72490ce2642721ba8919b27a5f4854d2a8199132e9c4bb08f54b48282febc | SHA256 of 5be886f7a6cbc23a0a00bdb2153f435b | 2022-06-08 | |
| URL | http://193.142.58.186/UihbywscTZ/45Ugty845nv7rt.php | — | 2022-06-08 | |
| domain | afg-refugee.net | — | 2022-06-08 | |
| domain | botanoolifeapp.net | — | 2022-06-08 | |
| domain | brwse.co | — | 2022-06-08 | |
| domain | civix.live | — | 2022-06-08 | |
| domain | crclab-bahria.org | — | 2022-06-08 | |
| domain | cssc.info | — | 2022-06-08 | |
| domain | cvix.live | — | 2022-06-08 | |
| domain | dawnpk.org | — | 2022-06-08 | |
| domain | deliverymailserver.com | — | 2022-06-08 | |
| domain | docuserve.cc | — | 2022-06-08 | |
| domain | docuserve.ltd | — | 2022-06-08 | |
| domain | doken.xyz | — | 2022-06-08 | |
| domain | ekoconect.com | — | 2022-06-08 | |
| domain | epapbuizhost.net | — | 2022-06-08 | |
| domain | fdn-mac.net | — | 2022-06-08 | |
| domain | filedownload.work | — | 2022-06-08 | |
| domain | gov-pk.net | — | 2022-06-08 | |
| domain | kpt-pk.net | — | 2022-06-08 | |
| domain | maildataserver.com | — | 2022-06-08 | |
| domain | ministry-pk.net | — | 2022-06-08 | |
| domain | mod-pk.com | — | 2022-06-08 | |
| domain | mofa-pk.co | — | 2022-06-08 | |
| domain | nationpk.org | — | 2022-06-08 | |
| domain | norter.xyz | — | 2022-06-08 | |
| domain | paf-gov.net | — | 2022-06-08 | |
| domain | paf-mail.com | — | 2022-06-08 | |
| domain | pak-gov.net | — | 2022-06-08 | |
| domain | pakgov.net | — | 2022-06-08 | |
| domain | pakgov.org | — | 2022-06-08 | |
| domain | paknavy.live | — | 2022-06-08 | |
| domain | pkrepublic.org | — | 2022-06-08 | |
| domain | pnptrafcroutsvc.net | — | 2022-06-08 | |
| domain | rurushophoogtypnl.com | — | 2022-06-08 | |
| domain | slap-games.club | — | 2022-06-08 | |
| domain | trik.live | — | 2022-06-08 | |
| domain | watch-earn.live | — | 2022-06-08 |
References (1)