← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Operation Celestial Force employs mobile and desktop malware to target Indian entities
Cisco Talos is disclosing details of a new malware campaign being used by suspected Pakistani hackers to target Indian entities and government officials from the Indian subcontinent, including those belonging to government and defence sectors.
Indicators of Compromise (153)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| domain | androidadbserver.com | — | 2025-02-14 | |
| domain | androidmetricsasia.com | — | 2025-02-14 | |
| domain | androidsdkstream.com | — | 2025-02-14 | |
| domain | androidwebkit.com | — | 2025-02-14 | |
| domain | cloudieapp.net | — | 2025-02-14 | |
| domain | craftwithme.uk | — | 2025-02-14 | |
| domain | cvscout.uk | — | 2025-02-14 | |
| domain | javacdnlib.com | — | 2025-02-14 | |
| domain | jdklibraries.com | — | 2025-02-14 | |
| domain | officelibraries.com | — | 2025-02-14 | |
| domain | playstoreapi.net | — | 2025-02-14 | |
| domain | rockamore.co.uk | — | 2025-02-14 | |
| domain | sdklibraries.com | — | 2025-02-14 | |
| domain | sexyber.net | — | 2025-02-14 | |
| domain | teraspace.co.in | — | 2025-02-14 | |
| domain | webbucket.co.uk | — | 2025-02-14 | |
| domain | windowsupdatecloud.com | — | 2025-02-14 | |
| domain | zclouddrive.com | — | 2025-02-14 | |
| hostname | dl01.mozillasecurity.com | — | 2025-02-14 | |
| FileHash-MD5 | 321817f1f1d1a78b89682a79fdda0485 | MD5 of 12d98137cd1b0cf59ce2fafbfe3a9c3477a42dae840909adad5d4d9f05dd8ede | 2025-02-14 | |
| FileHash-MD5 | 39e85d8abf73d10dea3cda18bebde2d9 | MD5 of 1382997d3a5bb9bdbb9d41bb84c916784591c7cdae68305c3177f327d8a63b71 | 2025-02-14 | |
| FileHash-MD5 | 3f827039964a09f1179f66d6b2f9fe31 | MD5 of 4ebdfa738ef74945f6165e337050889dfa0aad61115b738672bbeda648a59dab | 2025-02-14 | |
| FileHash-MD5 | 60d0bf104c7397ab2ed8f3ebe6319629 | MD5 of 688c8e4522061bb9d82e4c3584f7ef8afc6f9e07e2374567755faad2a22e25b8 | 2025-02-14 | |
| FileHash-MD5 | 6b8497c0ceb056ac53d0579456800e54 | MD5 of 69414a0ca1de6b2ab7b504a507d35c859fc5a1b8e0b3cf0c6a8948b2f652cbe9 | 2025-02-14 | |
| FileHash-MD5 | 7d6a6edc28579ac632d666d0dae86d0b | MD5 of c00cedd6579e01187cd256736b8a506c168c6770776475e8327631df2181fae2 | 2025-02-14 | |
| FileHash-MD5 | 7ddf32e17a6ac5ce04a8ecbf782ca509 | — | 2025-02-14 | |
| FileHash-MD5 | 8073ed7dc906d83db7f1cfebddff8e31 | MD5 of 36851d1da9b2f35da92d70d4c88ea1675f1059d68fafd3abb1099e075512b45e | 2025-02-14 | |
| FileHash-MD5 | 873eecd6b4b59e541fdb676c7f6d3707 | MD5 of 838fd5d269fa09ef4f7e9f586b6577a9f46123a0af551de02de78501d916236d | 2025-02-14 | |
| FileHash-MD5 | ad68a94f35fb702fec9e8effd69974c2 | MD5 of 63a76ca25a5e1e1cf6f0ca8d32ce14980736195e4e2990682b3294b125d241cf | 2025-02-14 | |
| FileHash-MD5 | de47f3525c4de36096f2888ac0947deb | MD5 of 8e9bcc00fc32ddc612bdc0f1465fc79b40fc9e2df1003d452885e7e10feab1ee | 2025-02-14 | |
| FileHash-MD5 | de54f9b71f957808ea84fbda7895e329 | MD5 of 8d458fb59b6da20e1ba1658bb4a1f7dbb46d894530878e91b64d3c675d3d4516 | 2025-02-14 | |
| FileHash-MD5 | e2c620574db667ea99d10d2eb31d9d75 | MD5 of 5695c1e5e4b381844a36d8281126eef73a9641a315f3fdd2eb475c9073c5f4da | 2025-02-14 | |
| FileHash-MD5 | e4c9f1ee7ab974fa4b3d37e8d4b356b9 | MD5 of da3907cf75662c3401581a5140831f8b2520a4c3645257b3860c7db94295af88 | 2025-02-14 | |
| FileHash-MD5 | ec28788283207fa601777801450497f8 | MD5 of 380df073825aca1e2fdbea379431c2f4571a8c7d9369e207a31d2479fbc7be88 | 2025-02-14 | |
| FileHash-MD5 | ec5d2e82424277ee8915225c4081e6f8 | MD5 of 06b617aa8c38f916de8553ff6f572dcaa96e5c8941063c55b6c424289038c3a1 | 2025-02-14 | |
| FileHash-MD5 | ee63ed4e50bb210c057e1217decd9b9b | MD5 of 04e216f4780b6292ccc836fa0481607c62abb244f6a2eedc21c4a822bcf6d79f | 2025-02-14 | |
| FileHash-SHA1 | 03b6498139d2229b3dd7fe78502be8783b06b985 | SHA1 of 838fd5d269fa09ef4f7e9f586b6577a9f46123a0af551de02de78501d916236d | 2025-02-14 | |
| FileHash-SHA1 | 25715a41250d4b9933e3599881ce020de7fa6dc3 | SHA1 of 4ebdfa738ef74945f6165e337050889dfa0aad61115b738672bbeda648a59dab | 2025-02-14 | |
| FileHash-SHA1 | 2aa907fe56962d491a3d68fd543a218057b3375d | SHA1 of 12d98137cd1b0cf59ce2fafbfe3a9c3477a42dae840909adad5d4d9f05dd8ede | 2025-02-14 | |
| FileHash-SHA1 | 2d853af64b228d207576afe565ada6cc41c5bf79 | SHA1 of 06b617aa8c38f916de8553ff6f572dcaa96e5c8941063c55b6c424289038c3a1 | 2025-02-14 | |
| FileHash-SHA1 | 32c355ebb4721bc35b033d1751c17055248977a8 | SHA1 of 688c8e4522061bb9d82e4c3584f7ef8afc6f9e07e2374567755faad2a22e25b8 | 2025-02-14 | |
| FileHash-SHA1 | 5c0366deebe62256938c1ee9425b7def42bacee8 | SHA1 of 8e9bcc00fc32ddc612bdc0f1465fc79b40fc9e2df1003d452885e7e10feab1ee | 2025-02-14 | |
| FileHash-SHA1 | 79e8fbddbad156025e9893c53c67d46b58327ce1 | SHA1 of da3907cf75662c3401581a5140831f8b2520a4c3645257b3860c7db94295af88 | 2025-02-14 | |
| FileHash-SHA1 | 80167afe303042fba9d4288ce51d7f92f3d9e0f5 | SHA1 of 8d458fb59b6da20e1ba1658bb4a1f7dbb46d894530878e91b64d3c675d3d4516 | 2025-02-14 | |
| FileHash-SHA1 | 84b337bdc96d540b1df8ed3772a75c6cc2095552 | SHA1 of 380df073825aca1e2fdbea379431c2f4571a8c7d9369e207a31d2479fbc7be88 | 2025-02-14 | |
| FileHash-SHA1 | 8ccf86672f5d4fac76b033185a84c99adce113dc | SHA1 of 5695c1e5e4b381844a36d8281126eef73a9641a315f3fdd2eb475c9073c5f4da | 2025-02-14 | |
| FileHash-SHA1 | 9fe06c037eba840fff4d2d9f8c591c98695fc1dc | SHA1 of 63a76ca25a5e1e1cf6f0ca8d32ce14980736195e4e2990682b3294b125d241cf | 2025-02-14 | |
| FileHash-SHA1 | a415ab5cc17c8c093c015ccdb7e552aee7911aa4 | SHA1 of 7ddf32e17a6ac5ce04a8ecbf782ca509 | 2025-02-14 | |
| FileHash-SHA1 | abb8b5b1ff309566e70a531a8b13e20ea5ee4edd | SHA1 of 69414a0ca1de6b2ab7b504a507d35c859fc5a1b8e0b3cf0c6a8948b2f652cbe9 | 2025-02-14 | |
| FileHash-SHA1 | c3c00b4479ff2e1f4b3f635de8d7ac5f41be1179 | SHA1 of c00cedd6579e01187cd256736b8a506c168c6770776475e8327631df2181fae2 | 2025-02-14 | |
| FileHash-SHA1 | d761a607e5df3e8ad89a9cbeaf1248dd2b6649f4 | SHA1 of 1382997d3a5bb9bdbb9d41bb84c916784591c7cdae68305c3177f327d8a63b71 | 2025-02-14 | |
| FileHash-SHA1 | e0b09cc0f0e210de84937ada7e5d19dce5132c89 | SHA1 of 36851d1da9b2f35da92d70d4c88ea1675f1059d68fafd3abb1099e075512b45e | 2025-02-14 | |
| FileHash-SHA1 | f4482a10d631dded4291d077c7d605d2ef183d35 | SHA1 of 04e216f4780b6292ccc836fa0481607c62abb244f6a2eedc21c4a822bcf6d79f | 2025-02-14 | |
| FileHash-SHA256 | 04e216f4780b6292ccc836fa0481607c62abb244f6a2eedc21c4a822bcf6d79f | — | 2025-02-14 | |
| FileHash-SHA256 | 06b617aa8c38f916de8553ff6f572dcaa96e5c8941063c55b6c424289038c3a1 | — | 2025-02-14 | |
| FileHash-SHA256 | 12d98137cd1b0cf59ce2fafbfe3a9c3477a42dae840909adad5d4d9f05dd8ede | — | 2025-02-14 | |
| FileHash-SHA256 | 1382997d3a5bb9bdbb9d41bb84c916784591c7cdae68305c3177f327d8a63b71 | — | 2025-02-14 | |
| FileHash-SHA256 | 36851d1da9b2f35da92d70d4c88ea1675f1059d68fafd3abb1099e075512b45e | — | 2025-02-14 | |
| FileHash-SHA256 | 380df073825aca1e2fdbea379431c2f4571a8c7d9369e207a31d2479fbc7be88 | — | 2025-02-14 | |
| FileHash-SHA256 | 4ebdfa738ef74945f6165e337050889dfa0aad61115b738672bbeda648a59dab | — | 2025-02-14 | |
| FileHash-SHA256 | 5695c1e5e4b381844a36d8281126eef73a9641a315f3fdd2eb475c9073c5f4da | — | 2025-02-14 | |
| FileHash-SHA256 | 63a76ca25a5e1e1cf6f0ca8d32ce14980736195e4e2990682b3294b125d241cf | — | 2025-02-14 | |
| FileHash-SHA256 | 688c8e4522061bb9d82e4c3584f7ef8afc6f9e07e2374567755faad2a22e25b8 | — | 2025-02-14 | |
| FileHash-SHA256 | 69414a0ca1de6b2ab7b504a507d35c859fc5a1b8e0b3cf0c6a8948b2f652cbe9 | — | 2025-02-14 | |
| FileHash-SHA256 | 838fd5d269fa09ef4f7e9f586b6577a9f46123a0af551de02de78501d916236d | — | 2025-02-14 | |
| FileHash-SHA256 | 8d458fb59b6da20e1ba1658bb4a1f7dbb46d894530878e91b64d3c675d3d4516 | — | 2025-02-14 | |
| FileHash-SHA256 | 8e9bcc00fc32ddc612bdc0f1465fc79b40fc9e2df1003d452885e7e10feab1ee | — | 2025-02-14 | |
| FileHash-SHA256 | a441b15fe9a3cf56661190a0b93b9dec7d04127288cc87250967cf3b52894d11 | SHA256 of 7ddf32e17a6ac5ce04a8ecbf782ca509 | 2025-02-14 | |
| FileHash-SHA256 | c00cedd6579e01187cd256736b8a506c168c6770776475e8327631df2181fae2 | — | 2025-02-14 | |
| FileHash-SHA256 | da3907cf75662c3401581a5140831f8b2520a4c3645257b3860c7db94295af88 | — | 2025-02-14 | |
| URL | http://adb.androidadbserver.com/jurassic/6c67d428.php | — | 2025-02-14 | |
| URL | http://api1.androidsdkstream.com/foxtrot/ | — | 2025-02-14 | |
| URL | http://api1.androidsdkstream.com/foxtrot//DataX/ | — | 2025-02-14 | |
| URL | http://api1.androidsdkstream.com/foxtrot/61c10953.php | — | 2025-02-14 | |
| URL | http://cloudieapp.net/cloudie.zip | — | 2025-02-14 | |
| URL | http://dev.androidadbserver.com/jurassic/6c67d428.php | — | 2025-02-14 | |
| URL | http://dl01.mozillasecurity.com/ | — | 2025-02-14 | |
| URL | http://dl01.mozillasecurity.com/MicrosoftUpdates/6efbb147.php | — | 2025-02-14 | |
| URL | http://dl01.mozillasecurity.com/Sier/resauth.php | — | 2025-02-14 | |
| URL | http://dl01.mozillasecurity.com/resauth.php/ | — | 2025-02-14 | |
| URL | http://dl01.windowsupdatecloud.com/opex/7ab24931.php | — | 2025-02-14 | |
| URL | http://download.cvscout.uk/c9a5e83c.php | — | 2025-02-14 | |
| URL | http://download.cvscout.uk/cvscout/ | — | 2025-02-14 | |
| URL | http://download.cvscout.uk/cvscout/cvstyler_client.php | — | 2025-02-14 | |
| URL | http://download.rockamore.co.uk/m2c/m_client.php | — | 2025-02-14 | |
| URL | http://download.sexyber.net/0fb1e3a0.php | — | 2025-02-14 | |
| URL | http://download.sexyber.net/sexyber/sexyberC.php | — | 2025-02-14 | |
| URL | http://download.teraspace.co.in/78181D14.php | — | 2025-02-14 | |
| URL | http://download.teraspace.co.in/teraspace/ | — | 2025-02-14 | |
| URL | http://download.webbucket.co.uk/A0B74607.php | — | 2025-02-14 | |
| URL | http://download.webbucket.co.uk/webbucket/ | — | 2025-02-14 | |
| URL | http://download.webbucket.co.uk/webbucket/strong_client.php | — | 2025-02-14 | |
| URL | http://jre.jdklibraries.com/hotriculture/671e00eb.php | — | 2025-02-14 | |
| URL | http://jun.javacdnlib.com/Quebec/5be977ac.php | — | 2025-02-14 | |
| URL | http://jupiter.playstoreapi.net/RB/e7a18a38.php | — | 2025-02-14 | |
| URL | http://jupiter.playstoreapi.net/indigo/8a99d28c.php | — | 2025-02-14 | |
| URL | http://library.androidwebkit.com/kangaroo/8a99d28c.php | — | 2025-02-14 | |
| URL | http://moon.playstoreapi.net/indigo/8a99d28c.php | — | 2025-02-14 | |
| URL | http://sdk2.sdklibraries.com/golf/c6cf642b.php | — | 2025-02-14 | |
| URL | http://sexyber.net/downloads/7ddf32e17a6ac5ce04a8ecbf782ca509/Sexyber-1.0.0.zip | — | 2025-02-14 | |
| URL | http://sni1.androidmetricsasia.com/voilet/8a99d28c.php | — | 2025-02-14 | |
| URL | http://tl37.officelibraries.com/MicrosoftUpdates/741bbfe6.php | — | 2025-02-14 | |
| URL | http://tl37.officelibraries.com/MsWordUpdates/c47d1870.php | — | 2025-02-14 | |
| URL | http://tl37.officelibraries.com/Sier/resauth.php | — | 2025-02-14 | |
| URL | http://tl37.officelibraries.com/opex/13942BA7.php | — | 2025-02-14 | |
| URL | http://tl37.officelibraries.com/resauth.php/ | — | 2025-02-14 | |
| URL | http://ux.androidwebkit.com/kangaroo/8a99d28c.php | — | 2025-02-14 | |
| URL | http://www.craftwithme.uk/cwmb/craftwithme/ | — | 2025-02-14 | |
| URL | http://www.craftwithme.uk/cwmb/craftwithme/strong_client.php | — | 2025-02-14 | |
| URL | http://www.craftwithme.uk/cwmb/d26873c6.php | — | 2025-02-14 | |
| URL | http://www.sexyber.net/downloads/7ddf32e17a6ac5ce04a8ecbf782ca509/Sexyber-1.0.0.zip | — | 2025-02-14 | |
| URL | http://zclouddrive.com/downloads/CloudDrive_Setup_1.0.1.exe | — | 2025-02-14 | |
| URL | http://zclouddrive.com/system/546F9A.php | — | 2025-02-14 | |
| URL | http://zclouddrive.com/system/clouddrive/ | — | 2025-02-14 | |
| domain | androidadbserver.com | — | 2025-02-14 | |
| domain | androidmetricsasia.com | — | 2025-02-14 | |
| domain | androidsdkstream.com | — | 2025-02-14 | |
| domain | androidwebkit.com | — | 2025-02-14 | |
| domain | cloudieapp.net | — | 2025-02-14 | |
| domain | craftwithme.uk | — | 2025-02-14 | |
| domain | cvscout.uk | — | 2025-02-14 | |
| domain | javacdnlib.com | — | 2025-02-14 | |
| domain | jdklibraries.com | — | 2025-02-14 | |
| domain | officelibraries.com | — | 2025-02-14 | |
| domain | playstoreapi.net | — | 2025-02-14 | |
| domain | rockamore.co.uk | — | 2025-02-14 | |
| domain | sdklibraries.com | — | 2025-02-14 | |
| domain | sexyber.net | — | 2025-02-14 | |
| domain | teraspace.co.in | — | 2025-02-14 | |
| domain | webbucket.co.uk | — | 2025-02-14 | |
| domain | windowsupdatecloud.com | — | 2025-02-14 | |
| domain | zclouddrive.com | — | 2025-02-14 | |
| hostname | adb.androidadbserver.com | — | 2025-02-14 | |
| hostname | api1.androidsdkstream.com | — | 2025-02-14 | |
| hostname | dev.androidadbserver.com | — | 2025-02-14 | |
| hostname | dl01.mozillasecurity.com | — | 2025-02-14 | |
| hostname | dl01.windowsupdatecloud.com | — | 2025-02-14 | |
| hostname | download.cvscout.uk | — | 2025-02-14 | |
| hostname | download.rockamore.co.uk | — | 2025-02-14 | |
| hostname | download.sexyber.net | — | 2025-02-14 | |
| hostname | download.teraspace.co.in | — | 2025-02-14 | |
| hostname | download.webbucket.co.uk | — | 2025-02-14 | |
| hostname | jre.jdklibraries.com | — | 2025-02-14 | |
| hostname | jun.javacdnlib.com | — | 2025-02-14 | |
| hostname | jupiter.playstoreapi.net | — | 2025-02-14 | |
| hostname | library.androidwebkit.com | — | 2025-02-14 | |
| hostname | moon.playstoreapi.net | — | 2025-02-14 | |
| hostname | sdk2.sdklibraries.com | — | 2025-02-14 | |
| hostname | sni1.androidmetricsasia.com | — | 2025-02-14 | |
| hostname | tl37.officelibraries.com | — | 2025-02-14 | |
| hostname | ux.androidwebkit.com | — | 2025-02-14 | |
| hostname | www.craftwithme.uk | — | 2025-02-14 | |
| hostname | www.sexyber.net | — | 2025-02-14 |