← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
DangerousSavanna: Two-year long campaign targets financial institutions in French-speaking Africa
Checkpoint researchers have discovered a malicious email campaign targeting financial institutions in West and North Africa. This campaign, which has been running for almost two years, often changes its tools and methods, demonstrating the actors’ knowledge of open-source tools and penetration testing software. Checkpoint researchers expect that this campaign, which shows no signs of stopping or slowing down, will continue to adjust its operations and methods with an eye to maximizing its financial gain.
MITRE ATT&CK & Malware Families
Indicators of Compromise (133)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| domain | filesend.jp | — | 2022-10-25 | |
| FileHash-MD5 | f4a8605fa09e447108eb714eccad57d0 | — | 2022-10-25 | |
| FileHash-SHA1 | 3313518a660472137f3395488bc65b80e858c785 | SHA1 of f4a8605fa09e447108eb714eccad57d0 | 2022-10-25 | |
| FileHash-SHA256 | 65388147767a2ddc20616ebe7b461cc3ee2961039c2471e2568b6e8086d742ae | SHA256 of f4a8605fa09e447108eb714eccad57d0 | 2022-10-25 | |
| FileHash-MD5 | 020ea21556b56229bb9714e721d893df | — | 2022-10-25 | |
| FileHash-MD5 | 0789e52f16f5fc4ac2dbebadf53d44ec | — | 2022-10-25 | |
| FileHash-MD5 | 0b1d7c043be8c696d53d63fc0c834195 | — | 2022-10-25 | |
| FileHash-MD5 | 16157cdfd7b0ea98c44df15fb2fcb417 | — | 2022-10-25 | |
| FileHash-MD5 | 1818f84f7f51be74a408f5e193ba5908 | — | 2022-10-25 | |
| FileHash-MD5 | 18889d70d5546b861c6fa4ec11126942 | — | 2022-10-25 | |
| FileHash-MD5 | 192b70891de0d54af6fa46bd35a5fd87 | — | 2022-10-25 | |
| FileHash-MD5 | 1ccd2ce1e827b598207cc65e16686b7b | — | 2022-10-25 | |
| FileHash-MD5 | 1eb29f64f19e07d42d9ad8f6597424b8 | — | 2022-10-25 | |
| FileHash-MD5 | 1eed3153b1afae1676ebd0db99ac5802 | — | 2022-10-25 | |
| FileHash-MD5 | 1f4f537e550e4299a945a97c1f8a0441 | — | 2022-10-25 | |
| FileHash-MD5 | 28165bb98959e7e7d9be67f0d248b31d | — | 2022-10-25 | |
| FileHash-MD5 | 2c95e83759487d78070b56e40843c543 | — | 2022-10-25 | |
| FileHash-MD5 | 2e7c90c45b3cd8db15cd22e0caacfd40 | — | 2022-10-25 | |
| FileHash-MD5 | 31515f871cb12d538d53e730e5ddd406 | — | 2022-10-25 | |
| FileHash-MD5 | 3227c8a45ce4ccf8c475a51b331720c1 | — | 2022-10-25 | |
| FileHash-MD5 | 3c70bc09d1f8033e57323879d50ca3ce | — | 2022-10-25 | |
| FileHash-MD5 | 40ec0d84272f1f2394b4a3b74dafbf70 | — | 2022-10-25 | |
| FileHash-MD5 | 46058baa3ef1bdf553d89439cacf0675 | — | 2022-10-25 | |
| FileHash-MD5 | 46a0071b7e5ea442580a2f80d2fcef42 | — | 2022-10-25 | |
| FileHash-MD5 | 47c68680c9a00b117764114668357e23 | — | 2022-10-25 | |
| FileHash-MD5 | 47cf9fda04b2abef75f1eca9804aaebe | — | 2022-10-25 | |
| FileHash-MD5 | 496f2a2f14bda410b5f3dcff40bf56c3 | — | 2022-10-25 | |
| FileHash-MD5 | 4bf28df12d9e7d99bc902edb6d23c6e2 | — | 2022-10-25 | |
| FileHash-MD5 | 4f52ca22d2d28e1ecdb9fba92e4cdde3 | — | 2022-10-25 | |
| FileHash-MD5 | 4fb7503dd8b21396bf9643e0dce70fcf | — | 2022-10-25 | |
| FileHash-MD5 | 4ffd8ae803d7498e2d5a7a7a3a1268f8 | — | 2022-10-25 | |
| FileHash-MD5 | 5038e5cd4888adb3661d9958f04a1ec1 | — | 2022-10-25 | |
| FileHash-MD5 | 505724eac0faf0eb32e4ad25ab5cddfe | — | 2022-10-25 | |
| FileHash-MD5 | 518a533d6ff1d86afc0f7d94c0a1be7c | — | 2022-10-25 | |
| FileHash-MD5 | 565a87ba8e79f5e081ea937068082afd | — | 2022-10-25 | |
| FileHash-MD5 | 57511cb12fb5f505b3330dfec18f3432 | — | 2022-10-25 | |
| FileHash-MD5 | 65cbaec27b51d54dc0bceeef298719a8 | — | 2022-10-25 | |
| FileHash-MD5 | 66ac99b3501846a6c18f2671dbf31873 | — | 2022-10-25 | |
| FileHash-MD5 | 6702f0057c401cf390adc28d201118f8 | — | 2022-10-25 | |
| FileHash-MD5 | 6b14a4d6212087fe8d88ad012dbc8598 | — | 2022-10-25 | |
| FileHash-MD5 | 6b781c1082014a0177f42e918adb35de | — | 2022-10-25 | |
| FileHash-MD5 | 6c737910247e3122fe810df6a63581f7 | — | 2022-10-25 | |
| FileHash-MD5 | 6c7846d955bb5f3842bb7c35fae1569a | — | 2022-10-25 | |
| FileHash-MD5 | 725489b29e7afbc045b2814dff5474a6 | — | 2022-10-25 | |
| FileHash-MD5 | 72ca000f40335d771936d077d4cabefb | — | 2022-10-25 | |
| FileHash-MD5 | 75931e00c81274b1c279d23dfdb0bbad | — | 2022-10-25 | |
| FileHash-MD5 | 76a8391c77723b06587f648dcbde07e9 | — | 2022-10-25 | |
| FileHash-MD5 | 775c0666a7a482ce664c72ed9195f120 | — | 2022-10-25 | |
| FileHash-MD5 | 7a4927e1a2aad1bc8ccef956130df0c0 | — | 2022-10-25 | |
| FileHash-MD5 | 7b8d0b4e718bc543de4a049e23672d79 | — | 2022-10-25 | |
| FileHash-MD5 | 7b91f06584afdc4a2aa6edd9d04198b7 | — | 2022-10-25 | |
| FileHash-MD5 | 853403bd5feea1ecf83e812759e1ccc7 | — | 2022-10-25 | |
| FileHash-MD5 | 8690ccd36c9d63b63e8d0278f0449e3b | — | 2022-10-25 | |
| FileHash-MD5 | 886a8ded2ea2f35ee009088d2c24dd32 | — | 2022-10-25 | |
| FileHash-MD5 | 889e8b93ec0c16ffac62ced220ed8e30 | — | 2022-10-25 | |
| FileHash-MD5 | 8f4392f839152c9614699048ee4fea11 | — | 2022-10-25 | |
| FileHash-MD5 | 953d5a3d8e00bbd2dba08579d95c61dc | — | 2022-10-25 | |
| FileHash-MD5 | 98bf46542e3e9daa280ef0b395a7dabd | — | 2022-10-25 | |
| FileHash-MD5 | 9a57a80692012878fcb463f41ce6dcfa | — | 2022-10-25 | |
| FileHash-MD5 | 9d50143836d41726b6564a524453b868 | — | 2022-10-25 | |
| FileHash-MD5 | 9d9da1992f63776e135c1c1215ee1741 | — | 2022-10-25 | |
| FileHash-MD5 | a027a4f65e0b0a83eccb56d9047347bd | — | 2022-10-25 | |
| FileHash-MD5 | a5fd946bc7e8b12cdfd207790216b4b1 | — | 2022-10-25 | |
| FileHash-MD5 | a6d8cc18af5a983b4c1a7f4838780b01 | — | 2022-10-25 | |
| FileHash-MD5 | aa3f386f10864f46a09610d0e03a26b5 | — | 2022-10-25 | |
| FileHash-MD5 | aeee6b71690a1df75792fcd3d11b8ede | — | 2022-10-25 | |
| FileHash-MD5 | af8de58e3538fcb40334109bcd571939 | — | 2022-10-25 | |
| FileHash-MD5 | b397383ba85fc726b424aac26b42f6ae | — | 2022-10-25 | |
| FileHash-MD5 | b651f7dcfeb3e304f7eb636000a6b935 | — | 2022-10-25 | |
| FileHash-MD5 | b895d34958be7565888c15a51e0c73c7 | — | 2022-10-25 | |
| FileHash-MD5 | b95ba7fb130f95ccae13c54312a69d36 | — | 2022-10-25 | |
| FileHash-MD5 | bac7be7eebb8670ae624a0179a366148 | — | 2022-10-25 | |
| FileHash-MD5 | be82532aa428dc5f30107ccfa08da8c6 | — | 2022-10-25 | |
| FileHash-MD5 | c43c50baa3271b375298847bf6a7fc13 | — | 2022-10-25 | |
| FileHash-MD5 | c4ee082a4ce704dcb3145e2cfd47ef6f | — | 2022-10-25 | |
| FileHash-MD5 | c7beb386813580a4c4812de3ee1aa429 | — | 2022-10-25 | |
| FileHash-MD5 | c8ed3353ae9c8b84ea7a9e81d2828193 | — | 2022-10-25 | |
| FileHash-MD5 | c9c001c45b2eecaee9704fb21e731ac7 | — | 2022-10-25 | |
| FileHash-MD5 | ca09b19b6975e090fb4eda6ced1847b1 | — | 2022-10-25 | |
| FileHash-MD5 | cced9e8b1a99b9000f4b958f13b164a5 | — | 2022-10-25 | |
| FileHash-MD5 | d32e387d60a18fd90c4854f167b4df4b | — | 2022-10-25 | |
| FileHash-MD5 | d43e6ae895039108cf68a36140190b0f | — | 2022-10-25 | |
| FileHash-MD5 | daa6ce148e2b8e5fd694183338db6ec9 | — | 2022-10-25 | |
| FileHash-MD5 | e166ee1de912bf17453d2da1dc06fc6d | — | 2022-10-25 | |
| FileHash-MD5 | e2c3a6bcb015e2e5137d4a46881d38b6 | — | 2022-10-25 | |
| FileHash-MD5 | f0960552876da5ef74b8ece55116929e | — | 2022-10-25 | |
| FileHash-MD5 | f2afcfd2ecfb3ea3261855ce1a4747b7 | — | 2022-10-25 | |
| FileHash-MD5 | f2e6a9154ab6cd29b337d6b555367580 | — | 2022-10-25 | |
| FileHash-MD5 | fae63014d33efe844a25f2606de900b6 | — | 2022-10-25 | |
| FileHash-SHA1 | 0f53933ae20f1bc5abdb9efd6ef73aa1e4ded65a | SHA1 of 0789e52f16f5fc4ac2dbebadf53d44ec | 2022-10-25 | |
| FileHash-SHA1 | 1561bafe1bf4e619a541f07eca8f0a2322f9f686 | SHA1 of 020ea21556b56229bb9714e721d893df | 2022-10-25 | |
| FileHash-SHA1 | 23063660cce71c3a456530cbfd9f35f24e150be2 | SHA1 of 0b1d7c043be8c696d53d63fc0c834195 | 2022-10-25 | |
| FileHash-SHA1 | 2b5627f63a42e34e370f932046cb16cd2bc2345e | SHA1 of 505724eac0faf0eb32e4ad25ab5cddfe | 2022-10-25 | |
| FileHash-SHA1 | 34c29958ea7508f320ece7dd0e2d1e43f7e50b5c | SHA1 of 1eb29f64f19e07d42d9ad8f6597424b8 | 2022-10-25 | |
| FileHash-SHA1 | 3c2d9acaa0d718945fc214ffbbe6cf8477966e38 | SHA1 of be82532aa428dc5f30107ccfa08da8c6 | 2022-10-25 | |
| FileHash-SHA1 | 5f47c874994b92b274a1deb458fb932c0d1712df | SHA1 of c8ed3353ae9c8b84ea7a9e81d2828193 | 2022-10-25 | |
| FileHash-SHA1 | 8a905f25e0dd1814b9b97ba2b87d3d61b01b8b7a | SHA1 of af8de58e3538fcb40334109bcd571939 | 2022-10-25 | |
| FileHash-SHA1 | a4c8dc4241f122ac2efbceca53cb7f01bdd95f4f | SHA1 of c4ee082a4ce704dcb3145e2cfd47ef6f | 2022-10-25 | |
| FileHash-SHA1 | a7a2f5f7a70dab85f6ee173b9cde4507ed723ac5 | SHA1 of ca09b19b6975e090fb4eda6ced1847b1 | 2022-10-25 | |
| FileHash-SHA1 | b901b39ee535dc56ec224e953833ba1909a1b959 | SHA1 of 1f4f537e550e4299a945a97c1f8a0441 | 2022-10-25 | |
| FileHash-SHA1 | c622aea6a413be01c4b343bde0195116e606cad8 | SHA1 of 9d50143836d41726b6564a524453b868 | 2022-10-25 | |
| FileHash-SHA1 | cc6f5e8cc2e6ecded9a33a7c8ac3a473e54141fb | SHA1 of 4ffd8ae803d7498e2d5a7a7a3a1268f8 | 2022-10-25 | |
| FileHash-SHA1 | d0db0b0dc75cf88b8324bd931196d540bebd1cbe | SHA1 of 7b8d0b4e718bc543de4a049e23672d79 | 2022-10-25 | |
| FileHash-SHA1 | dcf6430ae67fbfbdf09e5c4421b1ad82b1918431 | SHA1 of 192b70891de0d54af6fa46bd35a5fd87 | 2022-10-25 | |
| FileHash-SHA1 | eef7ed8bd9bcee074e917cf295badf9ad5de936f | SHA1 of 18889d70d5546b861c6fa4ec11126942 | 2022-10-25 | |
| FileHash-SHA1 | fd708fd4582d131eadd22ab1d5a7c098578839d7 | SHA1 of 725489b29e7afbc045b2814dff5474a6 | 2022-10-25 | |
| FileHash-SHA256 | 06dd289ce10ab46e5af6e81308a55e15ab6aa1c4d516ed13dc25b70b6d980ff0 | SHA256 of c4ee082a4ce704dcb3145e2cfd47ef6f | 2022-10-25 | |
| FileHash-SHA256 | 29b09a91cde3a03202f5a3c54140ce61ae0c78dbc4845e40c04dcf3d116fc34b | SHA256 of 7b8d0b4e718bc543de4a049e23672d79 | 2022-10-25 | |
| FileHash-SHA256 | 2a1c9b2357857d96146f7811b5985f7824dea6125b2b0a58cdf6fe24423e5a1f | SHA256 of 1eb29f64f19e07d42d9ad8f6597424b8 | 2022-10-25 | |
| FileHash-SHA256 | 41075a26a04b275417fdb62d276f62c8a0ef6a460dd1bed6dc45d9768680b2da | SHA256 of 0b1d7c043be8c696d53d63fc0c834195 | 2022-10-25 | |
| FileHash-SHA256 | 44de617e4be8e379542c6ac4408527f89b5ea4c294feb1b9c4250dd2c019135e | SHA256 of 725489b29e7afbc045b2814dff5474a6 | 2022-10-25 | |
| FileHash-SHA256 | 4c3bbbccfb01b160e43fff15aeb4a2b97b8c2b330ef4587924f618a5f77b9209 | SHA256 of c8ed3353ae9c8b84ea7a9e81d2828193 | 2022-10-25 | |
| FileHash-SHA256 | 57fa6b0245f3a5009e57da1d0cac9466f07e61bf37db7d3c9f59eee2ce4db1e7 | SHA256 of 18889d70d5546b861c6fa4ec11126942 | 2022-10-25 | |
| FileHash-SHA256 | 58b530be7bc9ed16fa28a68202e21aa5b9e5508a72034faf78e6e62bccf10a8b | SHA256 of 192b70891de0d54af6fa46bd35a5fd87 | 2022-10-25 | |
| FileHash-SHA256 | 5b41cfe569d7ff502e5eade3a054ea222869ca796ef2abc59c642dfabb1180e5 | SHA256 of 9d50143836d41726b6564a524453b868 | 2022-10-25 | |
| FileHash-SHA256 | 944a8fac13b495f11628696c04673115c90ee650fc8ff3e440335e6d73df2496 | SHA256 of 020ea21556b56229bb9714e721d893df | 2022-10-25 | |
| FileHash-SHA256 | a2682fcb15399d31f8934d68509c45a6ff11fb7044367878f8666636c10f9368 | SHA256 of 0789e52f16f5fc4ac2dbebadf53d44ec | 2022-10-25 | |
| FileHash-SHA256 | be88db263dee3dcd1a9a236c7dd4b7885ea664e6df404f910a5e0173d1be19c4 | SHA256 of 505724eac0faf0eb32e4ad25ab5cddfe | 2022-10-25 | |
| FileHash-SHA256 | d5b5d4707a795a439e8b93e6918fc65909f42be7acb870ca10118f2c053bb50b | SHA256 of 1f4f537e550e4299a945a97c1f8a0441 | 2022-10-25 | |
| FileHash-SHA256 | df4aa1ccf8877ff8e7adf827edfe605593af52ce1bcd650318a8508778caffce | SHA256 of be82532aa428dc5f30107ccfa08da8c6 | 2022-10-25 | |
| FileHash-SHA256 | f2f36bb7ca1e31a0ba48f4681de1754be377615f388c1a672bc294f0ccc80a86 | SHA256 of 4ffd8ae803d7498e2d5a7a7a3a1268f8 | 2022-10-25 | |
| FileHash-SHA256 | f5b94d5813313767eb85b8cb47d93ed48b32d82fcaad963382146dc8c55f3691 | SHA256 of af8de58e3538fcb40334109bcd571939 | 2022-10-25 | |
| FileHash-SHA256 | f970630a41a2e8fe61fa3f2cf69dff87ac3fb272d006d6af866ca17264b14ff3 | SHA256 of ca09b19b6975e090fb4eda6ced1847b1 | 2022-10-25 | |
| URL | http://4sync.com/web/directDownload/QHZsERS6/rHb0lMWD.f2e6a9154ab6cd29b337d6b555367580 | — | 2022-10-25 | |
| URL | http://4sync.com/web/directDownload/rE33SDmE/iNXXJkWJ.4bf28df12d9e7d99bc902edb6d23c6e2 | — | 2022-10-25 | |
| domain | aeternam.me | — | 2022-10-25 | |
| domain | i-development.one | — | 2022-10-25 | |
| domain | tf-bank.com | — | 2022-10-25 | |
| hostname | nedbankplc.4nmn.com | — | 2022-10-25 | |
| hostname | paste.c-net.org | — | 2022-10-25 | |
| hostname | paste.inexa-group.com | — | 2022-10-25 | |
| hostname | press.giize.com | — | 2022-10-25 | |
| hostname | secure.graviom.fr | — | 2022-10-25 |