← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
SmoothOperator | Ongoing Campaign Trojanizes 3CXDesktopApp in Supply Chain Attack - SentinelOne
WHITE Tr1sa111 2023-03-31 Modified: 2023-03-31
41
IOCs
MEDIUM VOLUME
pabxSupply chain
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (41)
All FileHash-SHA1 URL domain email
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA1 20d554a80d759c50d6537dd7097fed84dd258b3e 2023-03-31
FileHash-SHA1 bf939c9c261d27ee7bb92325cc588624fca75429 2023-03-31
FileHash-SHA1 cad1120d91b812acafef7175f949dd1b09c6c21a 2023-03-31
URL https://akamaitechcloudservices.com/v2/storage 2023-03-31
URL https://azuredeploystore.com/cloud/services 2023-03-31
URL https://azureonlinestorage.com/azure/storage 2023-03-31
URL https://glcloudservice.com/v1/console 2023-03-31
URL https://msedgepackageinfo.com/microsoft-edge 2023-03-31
URL https://msedgeupdate.net/Windows 2023-03-31
URL https://msstorageazure.com/window 2023-03-31
URL https://msstorageboxes.com/office 2023-03-31
URL https://officeaddons.com/technologies 2023-03-31
URL https://officestoragebox.com/api/session 2023-03-31
URL https://pbxcloudeservices.com/phonesystem 2023-03-31
URL https://pbxphonenetwork.com/voip 2023-03-31
URL https://pbxsources.com/exchange 2023-03-31
URL https://sourceslabs.com/downloads 2023-03-31
URL https://visualstudiofactory.com/workload 2023-03-31
URL https://zacharryblogs.com/feed 2023-03-31
domain akamaitechcloudservices.com 2023-03-31
domain azuredeploystore.com 2023-03-31
domain azureonlinestorage.com 2023-03-31
domain convieneonline.com 2023-03-31
domain glcloudservice.com 2023-03-31
domain msedgepackageinfo.com 2023-03-31
domain msedgeupdate.net 2023-03-31
domain msstorageazure.com 2023-03-31
domain msstorageboxes.com 2023-03-31
domain officeaddons.com 2023-03-31
domain officestoragebox.com 2023-03-31
domain pbxcloudeservices.com 2023-03-31
domain pbxphonenetwork.com 2023-03-31
domain pbxsources.com 2023-03-31
domain sourceslabs.com 2023-03-31
domain soyoungjun.com 2023-03-31
domain visualstudiofactory.com 2023-03-31
domain zacharryblogs.com 2023-03-31
URL https://www.3cx.com/blog/event-trainings/ 2023-03-31
email cliego.garcia@proton.me 2023-03-31
email philip.je@proton.me 2023-03-31
URL https://github.com/IconStorages/images 2023-03-31
References (1)
↗ https://www.sentinelone.com/blog/smoothoperator-ongoing-campaign-trojanizes-3cx-software-in-software-supply-chain-attack/