Pulse Detail — Threat Intelligence

PULSE NAME

DoNot Go! Do not respawn!

WHITE Donot Team AlienVault 2023-01-26 Modified: 2023-02-25

111

IOCs

HIGH VOLUME

Donot Team is a persistent and persistent threat actor targeting government and military entities in several South Asian countries, according to ESET security researchers, who have traced several campaigns using malware derived from the group's signature.

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1588.005 T1566.001 T1204.002 T1059.005 T1059.003 T1203 T1053.005 T1036.005 T1057 T1534 T1005 T1025 T1074.001 T1113 T1071.001 T1048.003

Indicators of Compromise (21 / 111 total)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	0bb3b3d5f5cc449b5176ea87b6362430	MD5 of 4fa31531108cc68ff1865e2eb5654f7b3da8d820	2023-01-26
FileHash-MD5	122c0dcbba1ca1dd12bcac73407f3fc8	MD5 of 6ae606659f8e0e19b69f0cb61eb9a94e66693f35	2023-01-26
FileHash-MD5	291109ca6d9340da0a7b37ecc3fb00ed	MD5 of 6643acd5b07444d1b2c049bde61dd66beb0bd247	2023-01-26
FileHash-MD5	38db0a9fb072f8aff34d77229cf498af	MD5 of 771b4bea921f509fc37016f5fa22890ca3338a65	2023-01-26
FileHash-MD5	3d4fa8438f316a4740429c3fa55add8c	MD5 of fcfee44da272e6eb3fc2c071947df1180f1a8ae1	2023-01-26
FileHash-MD5	43a909814aa5467cb45f8e59ed2fd3b0	MD5 of 6194e0eca5d494980df5b9ab5cea8379665ed46a	2023-01-26
FileHash-MD5	44bba4d1a829a10d8b351d6026704a96	MD5 of 0290abf0530a2fd2dfb0de29248ba3cabb58d2ad	2023-01-26
FileHash-MD5	47af4ae5593181d1b9633f27bec8f9b9	MD5 of f67abc483ee2114d96a90fa0a39496c42ef050b5	2023-01-26
FileHash-MD5	48a840def9a4858e2a26551f15a66447	MD5 of 9185defc6f024285092b563efa69ea410bd6f85b	2023-01-26
FileHash-MD5	49346c3a3508ce2225fbe19f365feb41	MD5 of 7ddf48ab1cf99990cb61eeaeb3ed06ed8e70a81b	2023-01-26
FileHash-MD5	6b3075b32560d62424505efd4af0f38e	MD5 of bb0c857908afc878caeec3a0da2cbb0a4fd4ef04	2023-01-26
FileHash-MD5	98a3c157c530d76c5969b785954ed4f7	MD5 of 89ed760d544cefc6082a3649e8079ec87425fe66 MD5 of 89ed760d544cefc6082a3649e8079ec87425fe66	2023-01-26
FileHash-MD5	a9b22e50ecebe7a1b8bc723a1a3ebc93	MD5 of 540e7338725cbaa2f33966d5c1ae2c34552d4988	2023-01-26
FileHash-MD5	b016f438b7aafe578a053f18e4b9c71d	MD5 of 1352a8394ccce7491072aaac9d19ed584e607757	2023-01-26
FileHash-MD5	b18b729e1ec41b5aa3a8da696e3e4919	MD5 of 526e5c25140f7a70ba9f643ada55ae24939d10ae MD5 of 526e5c25140f7a70ba9f643ada55ae24939d10ae	2023-01-26
FileHash-MD5	ba6a046e809b9a5ec79ab2fbfdc83d73	MD5 of dbc8fa70dfed7632ea21b9aaca07cc793712bff3	2023-01-26
FileHash-MD5	c531319309db1a034936e245f6414959	MD5 of 1917316c854af9da9ebdbd4ed4cbadf4fdcfa4ce	2023-01-26
FileHash-MD5	d2f6ef73b77b38da16894bfe2d0e4cd0	MD5 of 49e58c6de5245796aef992d16a0962541f1dae0c	2023-01-26
FileHash-MD5	d8f19b4b3b74cf6f4cb2482c4dc88d37	MD5 of a15d011bed98bce65db597ffd2d5fde49d46cfa2	2023-01-26
FileHash-MD5	da4c79cb5bf3701f675f793bc4f23dda	MD5 of b2263a6688e512d90629a3a621b2ee003b1b959e	2023-01-26
FileHash-MD5	f915e60a23fc64a79ff2f2d802c31660	MD5 of f74e6c2c0e26997fdb4dd89aa3d8bd5b270637cc	2023-01-26

References (1)

↗ https://www.welivesecurity.com/2022/01/18/donot-go-do-not-respawn/