PULSE NAME
Iranian backed group steps up phishing campaigns against Israel, U.S.
WHITE | APT42 | AlienVault | 2024-08-26 | Modified: 2024-09-25
An Iranian government-backed threat group known as APT42 has significantly intensified its phishing campaigns targeting high-profile individuals in Israel and the United States over the past six months. The group, associated with Iran's Islamic Revolutionary Guard Corps, has focused on current and former government officials, political campaigns, diplomats, think tanks, NGOs, and academic institutions involved in foreign policy discussions. APT42's activities demonstrate a concerted effort to rapidly shift its operational priorities in line with Iran's political and military objectives.
MITRE ATT&CK & Malware Families
MALWARE FAMILIES: GCollection, LCollection, YCollection, DWP
Indicators of Compromise (46)