Pulse Detail — Threat Intelligence

PULSE NAME

UNC5174’s evolution in China’s ongoing cyber warfare: From SNOWLIGHT to VShell | Sysdig

WHITE CyberHunter_NL 2025-04-16 Modified: 2025-05-16

IOCs

HIGH VOLUME

Indicators of Compromise (5 / 62 total)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL YARA domain hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	193beea281b0d13323dffb32483aa661	MD5 of 21ccb25887eae8b17349cefc04394dc3ad75c289768d7ba61f51d228b4c964db	2025-04-16
FileHash-MD5	1a36513fbd980c884968fc60dc193977	MD5 of 6579defcd1326efad359c59cfe9a76d7df375e54f6e977dd880d10f81325999e	2025-04-16
FileHash-MD5	90bb96c7a3fd501d7ac0fce143083b85	MD5 of c0838b1211d482d21ccb2c9cc9fb224d1f826474d496a76d21ca18fa2ef92bc1	2025-04-16
FileHash-MD5	96f307b0ba3bb11715fab5db8d61191f	MD5 of e6db3de3a21debce119b16697ea2de5376f685567b284ef2dee32feb8d2d44f8	2025-04-16
FileHash-MD5	f665278591038f346e65817b17c930f9	MD5 of f064fdd24c56f2d20f1a6a32fc7edbd3848f962b25965b788b0dc725eeab9db4	2025-04-16

References (1)