PULSE NAME
UAC-0180 targeted cyberattacks against defence enterprises using GLUEEGG / DROPCLUE / ATERA (CERT-UA#10375)
WHITE CyberHunter_NL 2024-07-22 Modified: 2024-07-22
Indicators of Compromise (72)