← Back to Pulse Feed
PULSE DETAIL
Ajax Security Team is a group that has been active since at least 2010 and believed to be operating out of Iran. By 2014 Ajax Security Team transitioned from website defacement operations to malware-based cyber espionage campaigns targeting the US defense industrial base and Iranian users of anti-censorship technologies.
MITRE ATT&CK & Malware Families
Indicators of Compromise (73 / 330 total)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-MD5 | 014bf8a588f614883d3d8b96024cd278 | MD5 of f710bd9ea40fd94c06d704c00e16a5941544378f | 2022-09-15 | |
| FileHash-MD5 | 01c9cebbc39e273ac1f5af8b629a7327 | MD5 of ec692cf82aef16cf61574b5d15e5c5f8135df288 | 2022-09-15 | |
| FileHash-MD5 | 05523761ca296ec09afdf79477e5f18d | MD5 of 729f9ce76f20822f48dac827c37024fe4ab8ff70 | 2022-09-15 | |
| FileHash-MD5 | 08273c8a873c5925ae1563543af3715c | MD5 of 788d881f3bb2c82e685a98d8f405f375c0ac2162 MD5 of 788d881f3bb2c82e685a98d8f405f375c0ac2162 | 2022-09-15 | |
| FileHash-MD5 | 08e424ac42e6efa361eccefdf3c13b21 | MD5 of 25d3688763e33eac1428622411d6dda1ec13dd43 | 2022-09-15 | |
| FileHash-MD5 | 0a22232c1d5add9d7aabdf630b6ed5af | MD5 of b9842058c88170cc45183aaaae4206c74e6c7351 | 2022-09-15 | |
| FileHash-MD5 | 0b0e2c4789b895e8ac44b6ada284aec1 | MD5 of 29d93b156bcfbcecf79c5ba389094796a1ba76ee | 2022-09-15 | |
| FileHash-MD5 | 0b67ebed08f09c0584b92f4e94ced778 | MD5 of 37ad0e426f4c423385f1609561422a947a956398 | 2022-09-15 | |
| FileHash-MD5 | 0e2dc1cb6bda45d68ee9c751e37df73b | MD5 of db2b8f49b4e76c2f538a3a6b222c35547c802cef MD5 of db2b8f49b4e76c2f538a3a6b222c35547c802cef | 2022-09-15 | |
| FileHash-MD5 | 13039118daadbe87e337310403e64454 | MD5 of 58045d7a565f174df8efc0de98d6882675fbb07f | 2022-09-15 | |
| FileHash-MD5 | 14f2e86f11114c083856c92095d79256 | MD5 of 7fef48e1303e40110798dfec929ad88f1ad4fbd8 | 2022-09-15 | |
| FileHash-MD5 | 1685ba9dbdb0e136d68e0b1a80a969b5 | — | 2022-09-15 | |
| FileHash-MD5 | 177ef7faab3688572403730171ffb9c4 | MD5 of 2c3edde41e9386bafef248b71974659543a3d774 | 2022-09-15 | |
| FileHash-MD5 | 1a2b18cb40d82dc279eb2ef923c3abd0 | MD5 of a42f1ad2360833baedd2d5f59354c4fc3820c475 | 2022-09-15 | |
| FileHash-MD5 | 1b02ac8c0e1102faaee70f4026cad291 | MD5 of fa5b587ceb5d17f26fe580aca6c02ff2e20ad3c4 | 2022-09-15 | |
| FileHash-MD5 | 1ceca1757cb652ba7e5b0d45f2038955 | — | 2022-09-15 | |
| FileHash-MD5 | 1f7688653c272d5205f9070c2541a68c | MD5 of 8e1bd64acd8bbe819ac60650eb1fa4f501d330ec | 2022-09-15 | |
| FileHash-MD5 | 223feb91efbe265696f318fb7c89c3fd | MD5 of 6e30d3ef2cd0856ff28adce4cc012853840f6440 | 2022-09-15 | |
| FileHash-MD5 | 266cfe755a0a66776df9fd8cd2fee1f1 | MD5 of 0f4bf1d89d080ed318597754e6d3930f8eec49b0 | 2022-09-15 | |
| FileHash-MD5 | 271a5f526a638a9ae712e6a5a64f3106 | MD5 of 2627cdc3324375e6f41f93597a352573e45c0f1e | 2022-09-15 | |
| FileHash-MD5 | 2cb23916ca60a63a67d974f4ddeb2a11 | MD5 of 64ba130e627dd85c85d6534e769d239080e068dd | 2022-09-15 | |
| FileHash-MD5 | 393bd2fd420eecf2d4ca9d61df75ff0c | MD5 of ad6c9b003285e01fc6a02148917e95c780c7d751 | 2022-09-15 | |
| FileHash-MD5 | 395461588e273fab5734db56fa18051b | MD5 of 9579e65e3ae6f03ff7d362be05f9beca07a8b1b3 | 2022-09-15 | |
| FileHash-MD5 | 3c6c1722acfb70bfa4453b69e99c98bb | MD5 of 29968b0c4157f226761073333ff2e82b588ddf8e | 2022-09-15 | |
| FileHash-MD5 | 3dd221b0ea6f863e086868b246a6a104 | MD5 of ffead364ae7a692afec91740d24649396e0fa981 MD5 of ffead364ae7a692afec91740d24649396e0fa981 | 2022-09-15 | |
| FileHash-MD5 | 4215d029dd26c29ce3e0cab530979b19 | MD5 of c1edf6e3a271cf06030cc46cbd90074488c05564 | 2022-09-15 | |
| FileHash-MD5 | 48573a150562c57742230583456b4c02 | MD5 of e6964d467bd99e20bfef556d4ad663934407fd7b | 2022-09-15 | |
| FileHash-MD5 | 4b0edcd1d2953c26b6fc4298e8bf9150 | MD5 of ce03790d1df81165d092e89a077c495b75a14013 | 2022-09-15 | |
| FileHash-MD5 | 4bf2218eb068385ca1bfff8d609c0104 | MD5 of 4711f063a0c67fb11c05efdb40424377799efafd | 2022-09-15 | |
| FileHash-MD5 | 4cdc28ab6e426dc630638488743accfb | MD5 of 0b880fb3414374dbbf582217ee0288a76c904e9b | 2022-09-15 | |
| FileHash-MD5 | 50d3f1708293f40a2c0c1f151c2c426f | MD5 of e2728cabb35c210599e248d0da9791991e38eb41 | 2022-09-15 | |
| FileHash-MD5 | 54ee31eb1eed79d4ddffd1423d5f5e28 | — | 2022-09-15 | |
| FileHash-MD5 | 55ff220e38556ff902528ac984fc72dc | MD5 of b67572a18282e79974dc61fffb8ca3d0f4fca1b0 MD5 of b67572a18282e79974dc61fffb8ca3d0f4fca1b0 | 2022-09-15 | |
| FileHash-MD5 | 58bcfe673d21634616d898c3127bd1bc | MD5 of c6db3e7e723f20ed3bcf4c53fc4748e9591f4c40 | 2022-09-15 | |
| FileHash-MD5 | 5a009a0d0c5ecaac1407fb32ee1c8172 | MD5 of ae18bb317909e16f765ba2e88c3d72d648db2798 | 2022-09-15 | |
| FileHash-MD5 | 5af0cbc18c6f8ed4fd1a3f68961f5452 | MD5 of ed5615ffb5578f1adee66f571ec65a992c033a50 | 2022-09-15 | |
| FileHash-MD5 | 5c66b560f70c0b756bfc840b871864ce | MD5 of eb6a21585899e702fc23b290d449af846123845f MD5 of eb6a21585899e702fc23b290d449af846123845f | 2022-09-15 | |
| FileHash-MD5 | 60f5bc820cf38e78b51e1e20fed290b5 | MD5 of 476489f75fed479f19bac02c79ce1befc62a6633 | 2022-09-15 | |
| FileHash-MD5 | 61a808ce0b645c4824d79865be8888ed | MD5 of f7f69c5ed94a03f6d57e9afd33c2627ff69205f2 MD5 of f7f69c5ed94a03f6d57e9afd33c2627ff69205f2 | 2022-09-15 | |
| FileHash-MD5 | 63558e2980d1c6aaf34beefb657866fe | MD5 of 86222ef166474e53f1eb6d7e6701713834e6fee7 | 2022-09-15 | |
| FileHash-MD5 | 662d094799e9c7108f35c00eb894205f | MD5 of eeb67e663b2fa980c6b228fc2e04304c8992401d | 2022-09-15 | |
| FileHash-MD5 | 85b79953bf2b33fb6118dc04e4c30910 | — | 2022-09-15 | |
| FileHash-MD5 | 8a45dfec98dd96c86d933d9c1d6ef296 | MD5 of 0b0cdf47363fd27bccbfba6d47b842e44a365723 | 2022-09-15 | |
| FileHash-MD5 | 8bd58db9c29c53197dd5d5f09704296e | MD5 of 62172eee1a4591bde2658175dd5b8652d5aead2a | 2022-09-15 | |
| FileHash-MD5 | 8ed01ac79680d84c0ee7a5f027d8b86a | MD5 of c485b0d59b28d37a1ac80380b0d7774bdb9d8248 | 2022-09-15 | |
| FileHash-MD5 | 916be1b609ed3dc80e5039a1d8102e82 | MD5 of 53340f9a49bc21a9e7267173566f4640376147d9 | 2022-09-15 | |
| FileHash-MD5 | 9fc345c25e6ab94bca2db6ee95d2c861 | MD5 of 0482fc2e332918456b9c97d8a9590781095b2b53 | 2022-09-15 | |
| FileHash-MD5 | a42cea20439789bd1d9a51d9063ae3e4 | MD5 of 47b1c9caabe3ae681934a33cd6f3a1b311fd7f9f | 2022-09-15 | |
| FileHash-MD5 | ac94ee83c91ca784a88ff26cf85e273a | MD5 of a9245de692c16f90747388c09e9d02c3ee34577e | 2022-09-15 | |
| FileHash-MD5 | aeb9d12ecbe73bfa91616ebacf24831b | — | 2022-09-15 | |
| FileHash-MD5 | b4790618672197cab31681994bbc10a4 | MD5 of d5b2b30fe2d4759c199e3659d561a50f88a7fb2e | 2022-09-15 | |
| FileHash-MD5 | b7de8927998f3604762096125e114042 | MD5 of cabdfe7e9920aeaa5eaca7f5415d97f564cdec11 | 2022-09-15 | |
| FileHash-MD5 | b884f67c247d3dd6c559372a8a31a898 | MD5 of 22f6a61aa2d490b6a3bc36e93240d05b1e9b956a | 2022-09-15 | |
| FileHash-MD5 | b8fb83d76eb67cbeed0b54c02a68256b | MD5 of efd1c6a926095d36108177045db9ad21df926a6e | 2022-09-15 | |
| FileHash-MD5 | c222199c9a7eb0d162d5e96955739447 | MD5 of fd8793ce4ca23988562794b098b9ed20754f8a90 | 2022-09-15 | |
| FileHash-MD5 | c72dce99e892bbf2537f5285a01985c0 | MD5 of a65b39d3919f15649106a039469013479a31ba4b | 2022-09-15 | |
| FileHash-MD5 | c9ea312c35e9ac0809f1c76044929f2f | — | 2022-09-15 | |
| FileHash-MD5 | d0c3f4c9896d41a7c42737134ffb4c2e | MD5 of 6571f2b9a0aea89f45899b256458da78ac51e6bb MD5 of 6571f2b9a0aea89f45899b256458da78ac51e6bb | 2022-09-15 | |
| FileHash-MD5 | d14b3e0b82e3b5d6b9cc69b098f8126d | MD5 of 46a995df8d9918ca0793404110904479b6adcb9f | 2022-09-15 | |
| FileHash-MD5 | d1b526770abb441d771f4681872d2fcb | MD5 of f2ed8cd0154ae4d6ecf52a0bcf5fa80c7095dcd2 | 2022-09-15 | |
| FileHash-MD5 | d5517542b5f8dc2010933ee17a846569 | MD5 of fe3436294f302a93fbac389291dd20b41b038cba | 2022-09-15 | |
| FileHash-MD5 | da976a502a3afc4ba63611d47c625738 | MD5 of 8074ed48b99968f5d36a494cdeb9f80685beb0f5 MD5 of 8074ed48b99968f5d36a494cdeb9f80685beb0f5 | 2022-09-15 | |
| FileHash-MD5 | e10adc3949ba59abbe56e057f20f883e | — | 2022-09-15 | |
| FileHash-MD5 | e1a5b4ffc612270425d5d31f4c336aa9 | — | 2022-09-15 | |
| FileHash-MD5 | ee41e7c97f417b07177ea420afe510a1 | MD5 of 7ad0eb113bc575363a058f4bf21dbab8c8f7073a | 2022-09-15 | |
| FileHash-MD5 | f3c3ed556072209b60c3342ddefba0f9 | MD5 of 02b04563ef430797051aa13e48971d3490c80636 | 2022-09-15 | |
| FileHash-MD5 | f68a0a3784a7edfc60ad9333ec209cbf | MD5 of c727b8c43943986a888a0428ae7161ff001bf603 | 2022-09-15 | |
| FileHash-MD5 | f7e093d721d2616ecb9067934a615f70 | MD5 of c8096078f0f6c3fbb6d82c5b00211802168f9cba MD5 of c8096078f0f6c3fbb6d82c5b00211802168f9cba | 2022-09-15 | |
| FileHash-MD5 | f8547010eb4238f8fb76f4e8a756e36d | MD5 of 1a999a131144afe8cb7316ebb842da4f38101ac5 | 2022-09-15 | |
| FileHash-MD5 | f898eef9dfa04820bb2f798e063645a7 | MD5 of 5d334e0cb4ff58859e91f9e7f1c451ffdc7544c3 | 2022-09-15 | |
| FileHash-MD5 | f89a4d4ae5cca6d69a5256c96111e707 | MD5 of e8dbcde49c7f760165ebb0cb3452e4f1c24981f5 | 2022-09-15 | |
| FileHash-MD5 | f9b235067b1c607b5b26896d465b6665 | MD5 of faf0fe422259d36494a0b2c9ccefe40dee978f31 | 2022-09-15 | |
| FileHash-MD5 | 8ad0485fd3509042b0a477f65507f711 | — | 2022-09-15 |
References (4)
↗ https://attack.mitre.org/groups/G0130/
↗ https://www.mandiant.com/resources/operation-ke3chang-targeted-attacks-against-ministries-of-foreign-affairs
↗ https://iranthreats.github.io/resources/attribution-flying-rocket-kitten/
↗ https://www.crowdstrike.com/blog/cat-scratch-fever-crowdstrike-tracks-newly-reported-iranian-actor-flying-kitten/