PULSE NAME
Bitter APT continues to target Bangladesh | SECUINFRA Falcon Team
WHITE Tr1sa111 2022-07-07 Modified: 2022-08-05
51 IOCs
HIGH VOLUME
Here's a look at some of the best tweets from the past 12 months, as well as the top ones from Twitter and other social media sites, including Facebook, Twitter, Instagram and Instagram.
Indicators of Compromise (51)
TYPE INDICATOR DESCRIPTION CREATED
CVE CVE-2012-0158 2022-07-07
CVE CVE-2017-1182 2022-07-07
CVE CVE-2018-0798 2022-07-07
CVE CVE-2021-1732 2022-07-07
CVE CVE-2021-28310 2022-07-07
URL http://emshedulersvc.com/vc/vc 2022-07-07
URL http://m.huandocimama.com/JvQKLsTYuMe/xAexyBbnDxW/profiles.php?profiles= 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b 2022-07-07
YARA 051e0f8d4471172309e6dd11ff6642bd6f903e51 Detects Bitter (T-APT-17) PDB Paths 2022-07-07
YARA 3b404215bfcdecab3497feddcb820b7aabf587c5 Detects Bitter (T-APT-17) Almond RAT (.NET) 2022-07-07
YARA dd1c6d6276efba12eff01052033aa3a3717f3af9 Detects Bitter (T-APT-17) shellcode in oleObject (CVE-2018-0798) 2022-07-07