PULSE NAME
Microsoft Teams phishing pushes DarkGate malware via group chats
WHITE CyberHunter_NL 2024-01-31 Modified: 2024-01-31
MEDIUM VOLUME
New phishing attacks abuse Microsoft Teams group chat requests to push malicious attachments that install DarkGate malware payloads on victims' systems.
Indicators of Compromise (22)