Pulse Detail — Threat Intelligence

PULSE NAME

Educated Manticore - Iran Aligned Threat Actor Targeting Israel via Improved Arsenal of Tools - Check Point Research

WHITE Nemesis Kitten CyberHunter_NL 2023-04-26 Modified: 2023-04-26

IOCs

MEDIUM VOLUME

Check Point Research’s latest report on Educated Manticore, an Iranian-aligned threat actor targeting Israel, reveals a new and improved infection chain, including an updated version of Implant PowerLess.

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1547 T1127 T1562 T1059 T1056 T1204

MALWARE FAMILIES

AgentFinal.exe PowerLess

Indicators of Compromise (4 / 24 total)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	1d1fb0bb21b94fc0b017a4dada231e17	—	2023-04-26
FileHash-MD5	34624051816246d4a1a7f225d966d139	—	2023-04-26
FileHash-MD5	bb14611f7aae441fb78f2ca919b800b5	—	2023-04-26
FileHash-MD5	f954163017df10d2499089027011c530	MD5 of 4fcde8ec5983cf1465ff7dbcd7d90fcd47d666b0b8352db1dcd311084ed1b3e8	2023-04-26

References (1)

↗ https://research.checkpoint.com/2023/educated-manticore-iran-aligned-threat-actor-targeting-israel-via-improved-arsenal-of-tools/