PULSE NAME
APT31 renews its attacks on Russian companies through cloud storage
TLP: WHITE | APT31 | AlienVault | 2022-08-12 | Modified: 2022-08-12
A guide to the latest developments in the fight against cyber-thieves APT31, who are believed to be targeting Russian companies through cloud storage, as well as providing security services for the energy sector.
Indicators of Compromise (55)