Verblecon: Sophisticated New Loader Used in Low-level Attacks
WHITE tr2222200 2023-04-13 Modified: 2023-04-13
MEDIUM VOLUME
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
Verblecon
Indicators of Compromise (17)