← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Squidoor: Suspected Chinese Threat Actor’s Backdoor Targets Global Organizations
WHITE Squidoor Tr1sa111 2025-02-28 Modified: 2025-03-29
37
IOCs
MEDIUM VOLUME
squidoorbackdooraptespionage
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (37)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 1635684e729cfa8911a6fec5448a1375 MD5 of 8187240dafbc62f2affd70da94295035c4179c8e3831cb96bdd9bd322e22d029 2025-02-28
FileHash-MD5 2183043b19f4707f987d874ce44389e3 MD5 of 9f62c1d330dddad347a207a6a565ae07192377f622fa7d74af80705d800c6096 2025-02-28
FileHash-MD5 764a838236f5dceb3d199059ad36311e MD5 of 83406905710e52f6af35b4b3c27549a12c28a628c492429d3a411fdb2d28cc8c 2025-02-28
FileHash-MD5 a9d0f588f1b0f88c5a5036bc5bf2e09e MD5 of f45661ea4959a944ca2917454d1314546cc0c88537479e00550eef05bed5b1b9 2025-02-28
FileHash-MD5 e312ab7486260d546825626c60e85b6f MD5 of 3fcfc4cb94d133563b17efe03f013e645fa2f878576282805ff5e58b907d2381 2025-02-28
FileHash-SHA1 2fdea656bf50277c8d728e1a005bf1e5157c68d0 SHA1 of 83406905710e52f6af35b4b3c27549a12c28a628c492429d3a411fdb2d28cc8c 2025-02-28
FileHash-SHA1 7e2366cf665c602237e988954700cd48859fb197 SHA1 of 3fcfc4cb94d133563b17efe03f013e645fa2f878576282805ff5e58b907d2381 2025-02-28
FileHash-SHA1 a1376a0760c0c327c2ff370cecdf755dfa53eca5 SHA1 of f45661ea4959a944ca2917454d1314546cc0c88537479e00550eef05bed5b1b9 2025-02-28
FileHash-SHA1 e056d93490fc1c8a07745930e763611989eda674 SHA1 of 8187240dafbc62f2affd70da94295035c4179c8e3831cb96bdd9bd322e22d029 2025-02-28
FileHash-SHA1 f26028851f3b6f81c915ee1243173434fad86172 SHA1 of 9f62c1d330dddad347a207a6a565ae07192377f622fa7d74af80705d800c6096 2025-02-28
FileHash-SHA256 1dd423ff0106b15fd100dbc24c3ae9f9860a1fcdb6a871a1e27576f6681a0850 2025-02-28
FileHash-SHA256 224becf3f19a3f69ca692d83a6fabfd2d78bab10f4480ff6da9716328e8fc727 2025-02-28
FileHash-SHA256 265ceb5184cac76477f5bc2a2bf74c39041c29b33a8eb8bd1ab22d92d6bebaf5 2025-02-28
FileHash-SHA256 2b6080641239604c625d41857167fea14b6ce47f6d288dc7eb5e88ae848aa57f 2025-02-28
FileHash-SHA256 33689ac745d204a2e5de76bc976c904622508beda9c79f9d64c460ebe934c192 2025-02-28
FileHash-SHA256 3fcfc4cb94d133563b17efe03f013e645fa2f878576282805ff5e58b907d2381 2025-02-28
FileHash-SHA256 461f5969b8f2196c630f0868c2ac717b11b1c51bc5b44b87f5aad19e001869cc 2025-02-28
FileHash-SHA256 5dd361bcc9bd33af26ff28d321ad0f57457e15b4fab6f124f779a01df0ed02d0 2025-02-28
FileHash-SHA256 6c1d918b33b1e6dab948064a59e61161e55fccee383e523223213aa2c20c609c 2025-02-28
FileHash-SHA256 7c6d29cb1f3f3e956905016f0171c2450cca8f70546eee56cface7ba31d78970 2025-02-28
FileHash-SHA256 8187240dafbc62f2affd70da94295035c4179c8e3831cb96bdd9bd322e22d029 2025-02-28
FileHash-SHA256 81bd2a8d68509dd293a31ddd6d31262247a9bde362c98cf71f86ae702ba90db4 2025-02-28
FileHash-SHA256 82e68dc50652ab6c7734ee913761d04b37429fca90b7be0711cd33391febff0a 2025-02-28
FileHash-SHA256 83406905710e52f6af35b4b3c27549a12c28a628c492429d3a411fdb2d28cc8c 2025-02-28
FileHash-SHA256 945313edd0703c966421211078911c4832a0d898f0774f049026fc8c9e7d1865 2025-02-28
FileHash-SHA256 9f62c1d330dddad347a207a6a565ae07192377f622fa7d74af80705d800c6096 2025-02-28
FileHash-SHA256 a7d76e0f7eab56618f4671b5462f5c210f3ca813ff266f585bb6a58a85374156 2025-02-28
FileHash-SHA256 c8a5388e7ff682d3c16ab39e578e6c529f5e23a183cd5cbf094014e0225e2e0a 2025-02-28
FileHash-SHA256 e8d6fb67b3fd2a8aa608976bcb93601262d7a95d37f6bae7c0a45b02b3b325ad 2025-02-28
FileHash-SHA256 f45661ea4959a944ca2917454d1314546cc0c88537479e00550eef05bed5b1b9 2025-02-28
FileHash-SHA256 f663149d618be90e5596b28103d38e963c44a69a5de4a1be62547259ca9ffd2d 2025-02-28
FileHash-SHA256 fa2a6dbc83fe55df848dfcaaf3163f8aaefe0c9727b3ead1da6b9fa78b598f2b 2025-02-28
domain microsoft-beta.com 2025-02-28
domain microsoftapimap.com 2025-02-28
domain zimbra-beta.info 2025-02-28
hostname support.vmphere.com 2025-02-28
hostname update.hobiter.com 2025-02-28
References (1)
↗ https://unit42.paloaltonetworks.com/advanced-backdoor-squidoor/