Pulse Detail — Threat Intelligence

PULSE NAME

Operation Ghoul: targeted attacks on industrial organizations

WHITE StreamMiningEx 2023-12-06 Modified: 2023-12-06

IOCs

HIGH VOLUME

Indicators of Compromise (52)

All domain URL hostname FileHash-MD5

TYPE	INDICATOR	DESCRIPTION	CREATED
domain	katynew.pw	—	2023-12-06
domain	brokelimiteds.in	—	2023-12-06
domain	f444c4f547116bfd052461b0b3ab1bc2b445a.com	—	2023-12-06
domain	mercadojs.com	—	2023-12-06
domain	glazeautocaree.com	—	2023-12-06
domain	copylines.biz	—	2023-12-06
domain	studiousb.com	—	2023-12-06
domain	apple-recovery.us	—	2023-12-06
URL	http://customer.comcast.com.aboranian.com/login	—	2023-12-06
URL	http://brokelimiteds.in/cdn/images/obe.exe	—	2023-12-06
URL	http://192.169.82.86/~gurgenle/verify/webmail/	—	2023-12-06
URL	http://brokelimiteds.in/wp-admin/css/upload/orders.exe	—	2023-12-06
URL	http://brokelimiteds.in/cdn/images/onowu.exe	—	2023-12-06
URL	http://www.deluxepharmacy.net	—	2023-12-06
URL	http://studiousb.com/mercadolivrestudio/f.zip	—	2023-12-06
URL	http://papercuts.info/SocialMedia/java.exe	—	2023-12-06
URL	http://468213579.com/emailreferentie.appleid.apple.nl/emailverificatie-40985443/home/login.php	—	2023-12-06
URL	http://free.meedlifespeed.com/ComCast/	—	2023-12-06
URL	http://apple.security-block.com/Apple%20-%20My%20Apple%20ID.html	—	2023-12-06
URL	http://brokelimiteds.in/cdn/images/bro.exe	—	2023-12-06
URL	http://glazeautocaree.com/proforma-invoice.exe	—	2023-12-06
URL	http://brokelimiteds.in/wp-admin/css/upload/order.exe	—	2023-12-06
URL	http://copylines.biz/lasagna/gate.php?request=true	—	2023-12-06
URL	http://emailreferentie.appleid.apple.nl.468213579.com/	—	2023-12-06
hostname	emailreferentie.appleid.apple.nl.468213579.com	—	2023-12-06
hostname	verificatie.appleid.apple.nl.referentie.357912468.com	—	2023-12-06
hostname	cgi.ebay.com-wn.in	—	2023-12-06
hostname	apple.security-block.com	—	2023-12-06
hostname	free.meedlifespeed.com	—	2023-12-06
hostname	customer.comcast.com.aboranian.com	—	2023-12-06
FileHash-MD5	cc6926cde42c6e29e96474f740d12a78	—	2023-12-06
FileHash-MD5	c3cf7b29426b9749ece1465a4ab4259e	—	2023-12-06
FileHash-MD5	5a97d62dc84ede64846ea4f3ad4d2f93	—	2023-12-06
FileHash-MD5	b8f6e6a0cb1bcf1f100b8d8ee5cccc4c	—	2023-12-06
FileHash-MD5	fc8da575077ae3db4f9b5991ae67dab1	—	2023-12-06
FileHash-MD5	36a9ae8c6d32599f21c9d1725485f1a3	—	2023-12-06
FileHash-MD5	8d46ee2d141176e9543dea9bf1c079c8	—	2023-12-06
FileHash-MD5	6e959ccb692668e70780ff92757d2335	—	2023-12-06
FileHash-MD5	3664d7150ac98571e7b5652fd7e44085	—	2023-12-06
FileHash-MD5	21ea64157c84ef6b0451513d0d11d02e	—	2023-12-06
FileHash-MD5	dabc47df7ae7d921f18faf685c367889	—	2023-12-06
FileHash-MD5	aaee8ba81bee3deb1c95bd3aaa6b13d7	—	2023-12-06
FileHash-MD5	55358155f96b67879938fe1a14a00dd6	—	2023-12-06
FileHash-MD5	5a68f149c193715d13a361732f5adaa1	—	2023-12-06
FileHash-MD5	d87d26309ef01b162882ee5069dc0bde	—	2023-12-06
FileHash-MD5	ae2a78473d4544ed2acd46af2e09633d	—	2023-12-06
FileHash-MD5	08c18d38809910667bbed747b2746201	—	2023-12-06
FileHash-MD5	f9ef50c53a10db09fc78c123a95e8eec	—	2023-12-06
FileHash-MD5	460e18f5ae3e3eb38f8cae911d447590	—	2023-12-06
FileHash-MD5	07b105f15010b8c99d7d727ff3a9e70f	—	2023-12-06
URL	http://192.169.82.86/~loftyco/okilo/login.php	—	2023-12-06
URL	http://192.169.82.86/~loftyco/skool/login.php	—	2023-12-06