PULSE NAME
Operation Celestial Force employs mobile and desktop malware to target Indian entities
WHITE Pakistani Armature_TIP 2025-02-14 Modified: 2025-02-14
153 IOCs (HIGH VOLUME)
Cisco Talos is disclosing details of a new malware campaign being used by suspected Pakistani hackers to target Indian entities and government officials from the Indian subcontinent, including those belonging to government and defence sectors.
Indicators of Compromise (44 / 153 total)