Pulse Detail — Threat Intelligence

PULSE NAME

Bitter APT continues to target Bangladesh

WHITE Bitter AlienVault 2022-07-06 Modified: 2022-08-05

IOCs

MEDIUM VOLUME

The SECUINFRA Falcon Team analysed a recent attack conducted by an advanced persistent threat group, known as Bitter, which is targeting military organisations from Bangladesh, as well as Chinese and Saudi Arabian organizations.

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1104 T1059 T1082 T1140 T1068 T1027 T1030 T1041 T1083 T1105 T1203 T1485 T1566 T1571 T1592 T1608

MALWARE FAMILIES

Almond ZxxZ MuuyDownloader

Indicators of Compromise (9 / 40 total)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 CVE URL YARA domain hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	59b043a913014a1f03258c695b9333af	MD5 of 3fdf291e39e93305ebc9df19ba480ebd60845053b0b606a620bf482d0f09f4d3	2022-07-06
FileHash-MD5	b9025eca96614a473e204e9e8a873e1d	MD5 of fa0ed2faa3da831976fee90860ac39d50484b20bee692ce7f0ec35a15670fa92	2022-07-06
FileHash-MD5	1bf615946ad9ea7b5a282a8529641bf6	MD5 of 358867f105b517624806c3315c5426803f7c42a7	2022-07-06
FileHash-MD5	2454a5b5f7793d372c96fd572c1de2cc	MD5 of 90fd32f8f7b494331ab1429712b1735c3d864c8c8a2461a5ab67b05023821787	2022-07-06
FileHash-MD5	2c8ed4045b76a1eca8c8d0161a4b65ec	MD5 of 69b397400043ec7036e23c225d8d562fdcd3be887f0d076b93f6fcaae8f3dd61	2022-07-06
FileHash-MD5	6e4b4eb701f3410ebfb5925db32b25dc	MD5 of c330ef43bbee001296c6c120cf68e4c90d078d9c	2022-07-06
FileHash-MD5	71e1cfb5e5a515cea2c3537b78325abf	MD5 of bcc9e35c28430264575831e851182eca7219116f	2022-07-06
FileHash-MD5	a1d9e1dccfbba118d52f95ec6cc7c943	—	2022-07-06
FileHash-MD5	d58e6f93bd1eb81eacc965d530709246	—	2022-07-06

References (1)

↗ https://www.secuinfra.com/en/techtalk/whatever-floats-your-boat-bitter-apt-continues-to-target-bangladesh/