Pulse Detail — Threat Intelligence

PULSE NAME

Bitter APT continues to target Bangladesh

WHITE Bitter AlienVault 2022-07-06 Modified: 2022-08-05

IOCs

MEDIUM VOLUME

The SECUINFRA Falcon Team analysed a recent attack conducted by an advanced persistent threat group, known as Bitter, which is targeting military organisations from Bangladesh, as well as Chinese and Saudi Arabian organizations.

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1104 T1059 T1082 T1140 T1068 T1027 T1030 T1041 T1083 T1105 T1203 T1485 T1566 T1571 T1592 T1608

MALWARE FAMILIES

Almond ZxxZ MuuyDownloader

Indicators of Compromise (2 / 40 total)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 CVE URL YARA domain hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
URL	http://emshedulersvc.com/vc/vc	—	2022-07-06
URL	http://m.huandocimama.com/JvQKLsTYuMe/xAexyBbnDxW/profiles.php?profiles=	—	2022-07-06

References (1)

↗ https://www.secuinfra.com/en/techtalk/whatever-floats-your-boat-bitter-apt-continues-to-target-bangladesh/