← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Byte Bandits: How Fake PDF Converters Are Stealing More Than Just Your Documents | CloudSEK
WHITE Tr1sa111 2025-04-18 Modified: 2025-05-18
11
IOCs
MEDIUM VOLUME
CloudSEK is an artificial intelligence (AI) platform designed to protect organisations and businesses against cyber threats. £1.5m of data breach and cyber-attack in India by 2025.
figurehome pagepowershellmsbuildhashmarchdenver fieldcloudsekpdf filewordtrojansectopratarechclient2arechclientremote access
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Arechclient2 ArechClient Remote Access
Indicators of Compromise (11)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 8f36c3db24ddd1dc408b3589ecfcdf70 MD5 of 72642e429546e5ab207633d3c6a7e2e70698ef65 2025-04-18
FileHash-MD5 e69917fa99f750a6c4e19523c3f2014b MD5 of 51de0b104e9ced3028a41d01dedf735809eb7f60888621027c7f00f0fcf9c834 2025-04-18
FileHash-SHA1 4b0185f38b668d7332d411f4824de2d111b3e670 SHA1 of 51de0b104e9ced3028a41d01dedf735809eb7f60888621027c7f00f0fcf9c834 2025-04-18
FileHash-SHA1 72642e429546e5ab207633d3c6a7e2e70698ef65 2025-04-18
FileHash-SHA256 1da2b2004f63b11ab0d3f67cd1431742a1656460492bd4b42fd53d413e6e1570 SHA256 of 72642e429546e5ab207633d3c6a7e2e70698ef65 2025-04-18
FileHash-SHA256 51de0b104e9ced3028a41d01dedf735809eb7f60888621027c7f00f0fcf9c834 2025-04-18
URL http://bind-new-connect.click/marmaris/later 2025-04-18
URL http://bind-new-connect.click/santa/bee 2025-04-18
domain bind-new-connect.click 2025-04-18
domain candyconverterpdf.com 2025-04-18
domain candyxpdf.com 2025-04-18
References (1)
↗ https://www.cloudsek.com/blog/byte-bandits-how-fake-pdf-converters-are-stealing-more-than-just-your-documents#Indicators-of-Compromise-IOC