← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Unveiling WolfsBane: Gelsemium’s Linux counterpart to Gelsevirine
WHITE Gelsemium Tr1sa111 2024-12-17 Modified: 2024-12-22
137
IOCs
HIGH VOLUME
linuxwolfsbanerootkitaptbackdoorpersistencegelsevirinecyberespionageproject woodfirewood
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
WolfsBane FireWood Gelsemium - S0666 Gelsevirine Gelsenicine Gelsemine Project Wood
Indicators of Compromise (27 / 137 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 0ff2f7ef56717a032d970ff8b78c85e4 2024-12-17
FileHash-MD5 17ffeda7cf0f19381fb1eb0e70c03927 2024-12-17
FileHash-MD5 1b6868f8c412e1e6efc4d7149173c5a9 2024-12-17
FileHash-MD5 2251bc7910fe46fd0baf8bc05599bdcf 2024-12-17
FileHash-MD5 24fff48947a8f5a100e21d5592f92d4c 2024-12-17
FileHash-MD5 3230cb323663710d52dfe18b9f0cb369 2024-12-17
FileHash-MD5 35b4867b323749cc72406f471b149efc 2024-12-17
FileHash-MD5 35e941f5df1560f0c2191c23e5189ada 2024-12-17
FileHash-MD5 4b51d56955a4438481f8452120a36aa0 2024-12-17
FileHash-MD5 5480f12015b0520b7e33519725bec6ef 2024-12-17
FileHash-MD5 5789e8b1a31d7117b05143cec4a85378 2024-12-17
FileHash-MD5 5d7cd888012605ddeab265865b7ba994 2024-12-17
FileHash-MD5 61d5bc51f97b9df015dea3990cfef29b 2024-12-17
FileHash-MD5 66920df486acdd7aaa48baf6a5b753d5 2024-12-17
FileHash-MD5 6d9957965ead9b7b9d7f896de59f8c1b 2024-12-17
FileHash-MD5 77bb729852a957efc606c64180543ea9 2024-12-17
FileHash-MD5 8545af9eb02ab26574df2834bcf1a5a5 2024-12-17
FileHash-MD5 87e437cf74ce4b1330b8af9ff71edae2 2024-12-17
FileHash-MD5 87eb0975758ecef44e8368914cffe151 2024-12-17
FileHash-MD5 97d46525797ffa7530851481eb96dd47 2024-12-17
FileHash-MD5 9ca6d9526a1c9fb2e624c382f687a92d 2024-12-17
FileHash-MD5 9cacec575782d7b25a94f10e2061ac4c 2024-12-17
FileHash-MD5 bc4d2f84a6ce49f06a6be32ccfaa1630 2024-12-17
FileHash-MD5 c857b9f9b8bd330e160cc3a3c274b068 2024-12-17
FileHash-MD5 cd5da0b66319efbe346a4ac98df2f6d0 2024-12-17
FileHash-MD5 d1a505f2a335a8aa05d3b74358157ff3 2024-12-17
FileHash-MD5 5ebd4452848879202414a46a09cd2eab 2024-12-17
References (1)
↗ https://www.welivesecurity.com/en/eset-research/unveiling-wolfsbane-gelsemiums-linux-counterpart-to-gelsevirine/