← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Rugmi Malware
WHITE cryptocti 2023-12-30 Modified: 2023-12-30
12
IOCs
MEDIUM VOLUME
powershelljavascriptnetsupportvariantappdatafiguremsedgesandboxclientmcafee labsjavascript filebypassvirustotal
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
NetSupport
Indicators of Compromise (12)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 a2b46c59f6e7e395d479b09464ecdba0 MD5 of 89f0c8f170fe9ea28b1056517160e92e2d7d4e8aa81f4ed696932230413a6ce1 2023-12-30
FileHash-SHA1 92c132307dd21189b6d7912ddd934b50e50d1ec1 SHA1 of 89f0c8f170fe9ea28b1056517160e92e2d7d4e8aa81f4ed696932230413a6ce1 2023-12-30
FileHash-SHA256 48bc766326068e078cf258dea70d49dcce265e4e6dbf18f1a0ce28d310f6a89a 2023-12-30
FileHash-SHA256 5ffb5e9942492f15460e58660dd121b31d4065a133a6f8461554ea8af5c407aa 2023-12-30
FileHash-SHA256 73e0975c94ebcdec46fd23664ccecf8953dd70eea1f4e5813e7f8cd8d2dbc4f9 2023-12-30
FileHash-SHA256 89f0c8f170fe9ea28b1056517160e92e2d7d4e8aa81f4ed696932230413a6ce1 2023-12-30
URL http://45.15.158.212/fakeurl.htm e767d70fc57483aae7a20cb094a9bfc1fd4f04e97fb772cd6892d057e5be4260 2023-12-30
URL http://jokosampbulid1.com:1412 2023-12-30
URL https://svirtual.sanviatorperu.edu.pe/readme.txt 2023-12-30
domain jokosampbulid1.com 2023-12-30
domain tukudewe.com 2023-12-30
hostname svirtual.sanviatorperu.edu.pe 2023-12-30
References (1)
↗ https://www.mcafee.com/blogs/other-blogs/mcafee-labs/beneath-the-surface-how-hackers-turn-netsupport-against-users/