← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
DangerousSavanna: Two-year long campaign targets financial institutions in French-speaking Africa
WHITE AlienVault 2022-10-25 Modified: 2022-10-25
133
IOCs
HIGH VOLUME
Checkpoint researchers have discovered a malicious email campaign targeting financial institutions in West and North Africa. This campaign, which has been running for almost two years, often changes its tools and methods, demonstrating the actors’ knowledge of open-source tools and penetration testing software. Checkpoint researchers expect that this campaign, which shows no signs of stopping or slowing down, will continue to adjust its operations and methods with an eye to maximizing its financial gain.
poshc2powershelllnk fileamsi bypassmetasploitasyncratsmartassemblycrackmapexedwservice
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
PoshC2 metasploit DWservice AsyncRAT
Indicators of Compromise (86 / 133 total)
All domain FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 f4a8605fa09e447108eb714eccad57d0 2022-10-25
FileHash-MD5 020ea21556b56229bb9714e721d893df 2022-10-25
FileHash-MD5 0789e52f16f5fc4ac2dbebadf53d44ec 2022-10-25
FileHash-MD5 0b1d7c043be8c696d53d63fc0c834195 2022-10-25
FileHash-MD5 16157cdfd7b0ea98c44df15fb2fcb417 2022-10-25
FileHash-MD5 1818f84f7f51be74a408f5e193ba5908 2022-10-25
FileHash-MD5 18889d70d5546b861c6fa4ec11126942 2022-10-25
FileHash-MD5 192b70891de0d54af6fa46bd35a5fd87 2022-10-25
FileHash-MD5 1ccd2ce1e827b598207cc65e16686b7b 2022-10-25
FileHash-MD5 1eb29f64f19e07d42d9ad8f6597424b8 2022-10-25
FileHash-MD5 1eed3153b1afae1676ebd0db99ac5802 2022-10-25
FileHash-MD5 1f4f537e550e4299a945a97c1f8a0441 2022-10-25
FileHash-MD5 28165bb98959e7e7d9be67f0d248b31d 2022-10-25
FileHash-MD5 2c95e83759487d78070b56e40843c543 2022-10-25
FileHash-MD5 2e7c90c45b3cd8db15cd22e0caacfd40 2022-10-25
FileHash-MD5 31515f871cb12d538d53e730e5ddd406 2022-10-25
FileHash-MD5 3227c8a45ce4ccf8c475a51b331720c1 2022-10-25
FileHash-MD5 3c70bc09d1f8033e57323879d50ca3ce 2022-10-25
FileHash-MD5 40ec0d84272f1f2394b4a3b74dafbf70 2022-10-25
FileHash-MD5 46058baa3ef1bdf553d89439cacf0675 2022-10-25
FileHash-MD5 46a0071b7e5ea442580a2f80d2fcef42 2022-10-25
FileHash-MD5 47c68680c9a00b117764114668357e23 2022-10-25
FileHash-MD5 47cf9fda04b2abef75f1eca9804aaebe 2022-10-25
FileHash-MD5 496f2a2f14bda410b5f3dcff40bf56c3 2022-10-25
FileHash-MD5 4bf28df12d9e7d99bc902edb6d23c6e2 2022-10-25
FileHash-MD5 4f52ca22d2d28e1ecdb9fba92e4cdde3 2022-10-25
FileHash-MD5 4fb7503dd8b21396bf9643e0dce70fcf 2022-10-25
FileHash-MD5 4ffd8ae803d7498e2d5a7a7a3a1268f8 2022-10-25
FileHash-MD5 5038e5cd4888adb3661d9958f04a1ec1 2022-10-25
FileHash-MD5 505724eac0faf0eb32e4ad25ab5cddfe 2022-10-25
FileHash-MD5 518a533d6ff1d86afc0f7d94c0a1be7c 2022-10-25
FileHash-MD5 565a87ba8e79f5e081ea937068082afd 2022-10-25
FileHash-MD5 57511cb12fb5f505b3330dfec18f3432 2022-10-25
FileHash-MD5 65cbaec27b51d54dc0bceeef298719a8 2022-10-25
FileHash-MD5 66ac99b3501846a6c18f2671dbf31873 2022-10-25
FileHash-MD5 6702f0057c401cf390adc28d201118f8 2022-10-25
FileHash-MD5 6b14a4d6212087fe8d88ad012dbc8598 2022-10-25
FileHash-MD5 6b781c1082014a0177f42e918adb35de 2022-10-25
FileHash-MD5 6c737910247e3122fe810df6a63581f7 2022-10-25
FileHash-MD5 6c7846d955bb5f3842bb7c35fae1569a 2022-10-25
FileHash-MD5 725489b29e7afbc045b2814dff5474a6 2022-10-25
FileHash-MD5 72ca000f40335d771936d077d4cabefb 2022-10-25
FileHash-MD5 75931e00c81274b1c279d23dfdb0bbad 2022-10-25
FileHash-MD5 76a8391c77723b06587f648dcbde07e9 2022-10-25
FileHash-MD5 775c0666a7a482ce664c72ed9195f120 2022-10-25
FileHash-MD5 7a4927e1a2aad1bc8ccef956130df0c0 2022-10-25
FileHash-MD5 7b8d0b4e718bc543de4a049e23672d79 2022-10-25
FileHash-MD5 7b91f06584afdc4a2aa6edd9d04198b7 2022-10-25
FileHash-MD5 853403bd5feea1ecf83e812759e1ccc7 2022-10-25
FileHash-MD5 8690ccd36c9d63b63e8d0278f0449e3b 2022-10-25
FileHash-MD5 886a8ded2ea2f35ee009088d2c24dd32 2022-10-25
FileHash-MD5 889e8b93ec0c16ffac62ced220ed8e30 2022-10-25
FileHash-MD5 8f4392f839152c9614699048ee4fea11 2022-10-25
FileHash-MD5 953d5a3d8e00bbd2dba08579d95c61dc 2022-10-25
FileHash-MD5 98bf46542e3e9daa280ef0b395a7dabd 2022-10-25
FileHash-MD5 9a57a80692012878fcb463f41ce6dcfa 2022-10-25
FileHash-MD5 9d50143836d41726b6564a524453b868 2022-10-25
FileHash-MD5 9d9da1992f63776e135c1c1215ee1741 2022-10-25
FileHash-MD5 a027a4f65e0b0a83eccb56d9047347bd 2022-10-25
FileHash-MD5 a5fd946bc7e8b12cdfd207790216b4b1 2022-10-25
FileHash-MD5 a6d8cc18af5a983b4c1a7f4838780b01 2022-10-25
FileHash-MD5 aa3f386f10864f46a09610d0e03a26b5 2022-10-25
FileHash-MD5 aeee6b71690a1df75792fcd3d11b8ede 2022-10-25
FileHash-MD5 af8de58e3538fcb40334109bcd571939 2022-10-25
FileHash-MD5 b397383ba85fc726b424aac26b42f6ae 2022-10-25
FileHash-MD5 b651f7dcfeb3e304f7eb636000a6b935 2022-10-25
FileHash-MD5 b895d34958be7565888c15a51e0c73c7 2022-10-25
FileHash-MD5 b95ba7fb130f95ccae13c54312a69d36 2022-10-25
FileHash-MD5 bac7be7eebb8670ae624a0179a366148 2022-10-25
FileHash-MD5 be82532aa428dc5f30107ccfa08da8c6 2022-10-25
FileHash-MD5 c43c50baa3271b375298847bf6a7fc13 2022-10-25
FileHash-MD5 c4ee082a4ce704dcb3145e2cfd47ef6f 2022-10-25
FileHash-MD5 c7beb386813580a4c4812de3ee1aa429 2022-10-25
FileHash-MD5 c8ed3353ae9c8b84ea7a9e81d2828193 2022-10-25
FileHash-MD5 c9c001c45b2eecaee9704fb21e731ac7 2022-10-25
FileHash-MD5 ca09b19b6975e090fb4eda6ced1847b1 2022-10-25
FileHash-MD5 cced9e8b1a99b9000f4b958f13b164a5 2022-10-25
FileHash-MD5 d32e387d60a18fd90c4854f167b4df4b 2022-10-25
FileHash-MD5 d43e6ae895039108cf68a36140190b0f 2022-10-25
FileHash-MD5 daa6ce148e2b8e5fd694183338db6ec9 2022-10-25
FileHash-MD5 e166ee1de912bf17453d2da1dc06fc6d 2022-10-25
FileHash-MD5 e2c3a6bcb015e2e5137d4a46881d38b6 2022-10-25
FileHash-MD5 f0960552876da5ef74b8ece55116929e 2022-10-25
FileHash-MD5 f2afcfd2ecfb3ea3261855ce1a4747b7 2022-10-25
FileHash-MD5 f2e6a9154ab6cd29b337d6b555367580 2022-10-25
FileHash-MD5 fae63014d33efe844a25f2606de900b6 2022-10-25
References (1)
↗ https://research.checkpoint.com/2022/dangeroussavanna-two-year-long-campaign-targets-financial-institutions-in-french-speaking-africa/