Operation(loyalty) mercenary: a torrent of steel trapped in the plains of Eastern Europe
WHITE Conti AlienVault 2022-08-12 Modified: 2022-09-11
Qi Anxin Threat Intelligence Center has been tracking Russian-speaking threat actors and active underground forums at high intensity. Recently, we observed that over the past six months the world-famous Conti Group has used Exchange vulnerabilities to launch targeted attacks against venture capital companies, luxury goods companies, chip manufacturing companies, and foreign companies and joint ventures in the manufacturing industry. The attacked companies have a common feature: they are "rich".
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
Conti, HackTool:Win64/CobaltStrike
Indicators of Compromise (57)