← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Unveiling WolfsBane: Gelsemium’s Linux counterpart to Gelsevirine
WHITE Gelsemium Tr1sa111 2024-12-10 Modified: 2024-12-22
137
IOCs
HIGH VOLUME
linuxwolfsbanerootkitaptbackdoorpersistencegelsevirinecyberespionageproject woodfirewood
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
WolfsBane FireWood Gelsemium - S0666 Gelsevirine Gelsenicine Gelsemine Project Wood
Indicators of Compromise (27 / 137 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 00b701e3ef29912c1fcd8c2154c4ae372cfe542cfa54ffcce9fb449883097cec 2024-12-10
FileHash-SHA256 109d4b8878b8c8f3b7015f6b3ae573a6799296becce0f32ca3bd216bee0ab473 2024-12-10
FileHash-SHA256 1a9d78e5c255de239fb18b2cf47c4c2298f047073299c27fb54a0edf08a1d5a1 2024-12-10
FileHash-SHA256 1b6bb9e9612982f9cb55a1c88ae988d362d03fd57748d10b8cbe7acd724055c9 2024-12-10
FileHash-SHA256 1ec286f2194199206e4ce345f1bf322b6b0b4c947b1cf32db59cca2d89370738 2024-12-10
FileHash-SHA256 1f6de1af513f60572799a0893818e1b694c3ec3ff5dabddc8a0f0aa0d96d15d2 2024-12-10
FileHash-SHA256 29e78ca3cb49dd2985a29e74cafb1a0a15515670da0f4881f6095fb2926bfefd 2024-12-10
FileHash-SHA256 2bab6b951ea0ae3ea9452fd503bacafb45b6687d6352f5415d14810f9cf7a89e 2024-12-10
FileHash-SHA256 31d5e55f21246f97da006ddba6306b357d2823c90754a920c7bd268af0d2a1e4 2024-12-10
FileHash-SHA256 46338cae732ee1664aac77d9dce57c4ff8666460c1a51bee49cae44c86e42df9 2024-12-10
FileHash-SHA256 5299fe79a66b407555cdab68806564ae988b745be589767b004f7bccd7f7ac3b 2024-12-10
FileHash-SHA256 552388d74478a84b8e64e3ee2316331740a0d060f322e92b5c608ea745adba90 2024-12-10
FileHash-SHA256 5d12c085b600ea2ea42d09e2104ac40d8ba2b6d005db06e12c16016200a92bd8 2024-12-10
FileHash-SHA256 6005ecce702b84de6d46838839b2271df631ab42325b70e27324e6cabda76e7f 2024-12-10
FileHash-SHA256 6eaeca0cf28e74de6cfd82d29a3c3cc30c2bc153ac811692cc41ee290d766474 2024-12-10
FileHash-SHA256 7795a7f3bd08cb62ec6f828ad1f6836114b3e8cf153d905e3f03d6199f1f8354 2024-12-10
FileHash-SHA256 93c29bf19e09ea3b1e4ac5d31f47024a544738671488ff7ab2cd8f9a9c302262 2024-12-10
FileHash-SHA256 97982e098a4538d05e78c172c9bbc5b412754df86dc73e760004f0038ec928fb 2024-12-10
FileHash-SHA256 ae1b66e35a4e1ab8870837a52f3e4acda9e722b3f835d238acb472be49e915d6 2024-12-10
FileHash-SHA256 c26d239f415bec27125862acafdeac267be398bc9208e27f09217dc8ecf64225 2024-12-10
FileHash-SHA256 cff20753e36a4c942dc4dab5a91fd621a42330e17a89185a5b7262280bcd9263 2024-12-10
FileHash-SHA256 d986207bc108e55f4b110ae208656b415d2c5fcc8f99f98b4b3985e82b9d5e5b 2024-12-10
FileHash-SHA256 ec491de0e2247f64b753c4ef0c7227ea3548c2f222b547528dae0cf138eca53a 2024-12-10
FileHash-SHA256 f0d23aa026ae6ba96051401dc2b390ba5c968d55c2a4b31a36e45fb67dfc2e3c 2024-12-10
FileHash-SHA256 fddec9ff14ebd957038f9c24843bff935c4f73651e9704b553dec116851f7ae5 2024-12-10
FileHash-SHA256 fe71b66d65d5ff9d03a47197c99081d9ec8d5f6e95143bdc33f5ea2ac0ae5762 2024-12-10
FileHash-SHA256 a67ac84f61b34b59827cef79b11709d137cc9490d6027e16279793b9b3e894c4 2024-12-10
References (1)
↗ https://www.welivesecurity.com/en/eset-research/unveiling-wolfsbane-gelsemiums-linux-counterpart-to-gelsevirine/