Malware Spotlight - Into the Trash: Analyzing LitterDrifter - Check Point Research
The LitterDrifter worm, developed by the Russian espionage group Gamaredon, propagates over USB drives and maintains a command-and-control channel to a broad set of servers.
MITRE ATT&CK & Malware Families
Indicators of Compromise (79)