← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
From banks to battalions: SideWinder’s attacks on South Asia’s public sector
WHITE Tr1sa111 2025-05-26 Modified: 2025-05-26
149
IOCs
HIGH VOLUME
januaryfebruarysri lankaaprilsidewindercve20170199cve201711882decemberstealerbotbangladeshvirustotalcoreaugustmsofficeexplorer
Indicators of Compromise (149)
All CVE FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
CVE CVE-2017-0199 2025-05-26
CVE CVE-2017-11882 2025-05-26
FileHash-MD5 0ffd99b46024863228e14efea8265ff2 MD5 of 896ddb35cde29b51ec5cf0da0197605d5fd754c1f9f45e97d40cd287fb5a2d25 2025-05-26
FileHash-MD5 12a891501e271d32802495af88cfa247 2025-05-26
FileHash-MD5 43d35b5b20f491be219ab2eaa172ec55 MD5 of 1955c6914097477d5141f720c9e8fa44b4fe189e854da298d85090cbc338b35a 2025-05-26
FileHash-MD5 648eb92f1125f0156880578cc64a53dd 2025-05-26
FileHash-MD5 6a84b971194afe6256be1f7f68587a60 MD5 of fb50c60c237ea00f29e4876b326f5f8e872f5ad6d1ca7c9925d9b901e573f788 2025-05-26
FileHash-MD5 6c706df697ad8dc8f0867a4f65817216 MD5 of 15cf5271c7b9b8ad22c4c96bc8674d9835e8d419fc1a6077f3b59fbd7e59d112 2025-05-26
FileHash-MD5 71b0774691ab8192af8ed8e816a1f475 MD5 of e4afb43a13e043d99ff0fb0a0ac49e96a04932ba37365527914d6be779597edf 2025-05-26
FileHash-MD5 88af570ec4821aa762ed04f2549ad6c1 2025-05-26
FileHash-MD5 964befd24e41a128e9fffdc7b41399a8 MD5 of 725ded50e7f517addd12f029aeaf9a23f2b9ce6239b98820c8a12ea5cb79dbfa 2025-05-26
FileHash-MD5 9e3aaa68e88a604a7aba9cf83b49de6e 2025-05-26
FileHash-MD5 a1d195e1dfa679218991e4e53a056ce3 MD5 of 9b76d98c2641512c66e8f2f99b2d0bda86ec1a4809420b74feadfb8f4f7dbf48 2025-05-26
FileHash-MD5 b0f2f200a69db71947578fca51d4ff94 MD5 of 57b9744b30903c7741e9966882815e1467be1115cbd6798ad4bfb3d334d3523d 2025-05-26
FileHash-MD5 b37522b69406b3f6229b7f3bbef0a293 2025-05-26
FileHash-MD5 b574abf43dcc57a359129d1adb4cdda0 2025-05-26
FileHash-SHA1 1327f20512762a533c22fe181be3fcdd29ab76fe SHA1 of 1955c6914097477d5141f720c9e8fa44b4fe189e854da298d85090cbc338b35a 2025-05-26
FileHash-SHA1 274b3cdab333bce3309d7444b2cb82fd7c0b1926 SHA1 of 896ddb35cde29b51ec5cf0da0197605d5fd754c1f9f45e97d40cd287fb5a2d25 2025-05-26
FileHash-SHA1 418bca5eecc47f8a0723838b00311d322db53451 SHA1 of 15cf5271c7b9b8ad22c4c96bc8674d9835e8d419fc1a6077f3b59fbd7e59d112 2025-05-26
FileHash-SHA1 4e96eaa3b96bba0e2c72df4ab045f1c5f816b88d SHA1 of e4afb43a13e043d99ff0fb0a0ac49e96a04932ba37365527914d6be779597edf 2025-05-26
FileHash-SHA1 656fa08c341a8d7b74f28a24e1efbcc4b715a886 SHA1 of 725ded50e7f517addd12f029aeaf9a23f2b9ce6239b98820c8a12ea5cb79dbfa 2025-05-26
FileHash-SHA1 7a92da5b91c82e9be8e2049ebe1661133cd4087b SHA1 of fb50c60c237ea00f29e4876b326f5f8e872f5ad6d1ca7c9925d9b901e573f788 2025-05-26
FileHash-SHA1 e0460f7a93ab8d1d4989f8eaa12b83f20b6ac9f6 SHA1 of 9b76d98c2641512c66e8f2f99b2d0bda86ec1a4809420b74feadfb8f4f7dbf48 2025-05-26
FileHash-SHA1 e4bba61544f83d14f4fabf52971d5f0fa15c5935 SHA1 of 57b9744b30903c7741e9966882815e1467be1115cbd6798ad4bfb3d334d3523d 2025-05-26
FileHash-SHA256 0a7fce4e7456ecb12c95d28b6b4d263d9ca23a1de1e298234a904a319be6e708 2025-05-26
FileHash-SHA256 1527cf10f00c798262b3347c00af8028fee3bc88a450bc2df7766b1118c62cd5 2025-05-26
FileHash-SHA256 15cf5271c7b9b8ad22c4c96bc8674d9835e8d419fc1a6077f3b59fbd7e59d112 2025-05-26
FileHash-SHA256 1955c6914097477d5141f720c9e8fa44b4fe189e854da298d85090cbc338b35a 2025-05-26
FileHash-SHA256 1c68ca3ede75946568bb00c39b7054cb2ae4fcbe2805061e38ed15f4d526262c 2025-05-26
FileHash-SHA256 47d77499968244911d0179fb858578de00dbb98079e33f5ed5d229d03eb04d67 2025-05-26
FileHash-SHA256 558de2a01fbd76be171561c3c82fd6a8e2d4c913444850af99d44a4cfb41b680 2025-05-26
FileHash-SHA256 57b9744b30903c7741e9966882815e1467be1115cbd6798ad4bfb3d334d3523d 2025-05-26
FileHash-SHA256 61132f15775224f8aae02499b90b6bc19d4b3b44d987e0323276dceb260cc407 2025-05-26
FileHash-SHA256 63f5445527c47e17b71e87eef4dd7a86883607a22830bcee5b1fabc5d03bab38 2025-05-26
FileHash-SHA256 663a7b509db86ca498af57cc458139a76ee07c60d413d60a98921c7e901e0e3d 2025-05-26
FileHash-SHA256 677b4d9efcfcae9cbbd39b2b2cdc0df69d4a55460814747f60f35ea2e81dad2e 2025-05-26
FileHash-SHA256 69eee36642f274c724fadcfdf1f103ae0fd9b5f4bad7ac6a33b3c627d6114426 2025-05-26
FileHash-SHA256 725ded50e7f517addd12f029aeaf9a23f2b9ce6239b98820c8a12ea5cb79dbfa 2025-05-26
FileHash-SHA256 7363887b6b0fe7cece3c21ad18515835922379c7d78c47cea745940a1061a6c4 2025-05-26
FileHash-SHA256 74111c9b0ed748fc6bfc025d13a2ed08663b988cb69c044f1c6f153f9020294c 2025-05-26
FileHash-SHA256 896ddb35cde29b51ec5cf0da0197605d5fd754c1f9f45e97d40cd287fb5a2d25 2025-05-26
FileHash-SHA256 8d00c97d16e3733feee6b1bc6bd77b8423e0b79a812db55880f5b2d751a4bd47 2025-05-26
FileHash-SHA256 8dd189e390b168bff6caa82d5077f4eda8902c251fe0a0120aa42bd78e56f9bc 2025-05-26
FileHash-SHA256 96d429d67a2663ef2cf3f45ccd0619adf0cd030f7fe70f072af1ce1d67ec52a3 2025-05-26
FileHash-SHA256 9b76d98c2641512c66e8f2f99b2d0bda86ec1a4809420b74feadfb8f4f7dbf48 2025-05-26
FileHash-SHA256 a90fd0e3d3be14b92b3dc809ddea9a0cc377b130ebb4c48a8891e4832a85c412 2025-05-26
FileHash-SHA256 ac13697c19cf0b6767442fc001ca48d0d9e3c9340549d3e73539ea299e27015e 2025-05-26
FileHash-SHA256 bb9acc2d23afee3265b81326ce65cfddde3fc04648d3ba2d2ea22ec0e3d8f90e 2025-05-26
FileHash-SHA256 c62e365a6a60e0db4c2afd497464accdb783c336b116a5bc7806a4c47b539cc5 2025-05-26
FileHash-SHA256 d3fb61c0211bd379bf80f15cf072fdbc1187fe95546fdfcfcbdf8918004f05e2 2025-05-26
FileHash-SHA256 e33e74e3925bc3f287ef817a186807a38d411524984a5d0930939646022206b0 2025-05-26
FileHash-SHA256 e4afb43a13e043d99ff0fb0a0ac49e96a04932ba37365527914d6be779597edf 2025-05-26
FileHash-SHA256 fb50c60c237ea00f29e4876b326f5f8e872f5ad6d1ca7c9925d9b901e573f788 2025-05-26
FileHash-SHA256 ffebc5f8fc3a0346f9767c64b5b040d7679e1d3726024e59fe134825e31c8b8c 2025-05-26
URL http://advisory.army-govbd.info/ISPR/7201a146 2025-05-26
URL http://advisory.army-govbd.info/ISPR/d81b2d23/Accept_EULA.rtf 2025-05-26
domain army-govbd.info 2025-05-26
domain bismi.pro 2025-05-26
domain dwnlld.com 2025-05-26
domain dwnlld.info 2025-05-26
domain ecility.xyz 2025-05-26
domain info-lanka.org 2025-05-26
domain live-co.org 2025-05-26
domain mail163.info 2025-05-26
domain milqq.info 2025-05-26
domain modpak.live 2025-05-26
domain net-co.info 2025-05-26
domain net-src.info 2025-05-26
domain nic-svc.net 2025-05-26
domain onlinestatus.live 2025-05-26
domain org-co.net 2025-05-26
domain org-liv.net 2025-05-26
domain updates-installer.store 2025-05-26
domain viewdoc.online 2025-05-26
domain vpdf.online 2025-05-26
hostname 6441056b613c32a9.dwnlld.info 2025-05-26
hostname 7ef1996f-c463-4540-936a-70d0fd477f98.live-co.org 2025-05-26
hostname a5936441-e402-41e3-b02b-75af112074b5.org-co.net 2025-05-26
hostname advisary.army-govbd.info 2025-05-26
hostname advisory.army-govbd.info 2025-05-26
hostname amended.army-govbd.info 2025-05-26
hostname bscic-gov-bd.dwnlld.info 2025-05-26
hostname cabinet-gov-bd.dwnlld.info 2025-05-26
hostname cabinet-gov-bd.org-liv.net 2025-05-26
hostname cirt-gov-bd.org-liv.net 2025-05-26
hostname customs-gov-lk.net-co.info 2025-05-26
hostname data-sob-gov-bd.live-co.org 2025-05-26
hostname dirsports.milqq.info 2025-05-26
hostname dwnlld.infomfa-gov-lk.dwnlld.info 2025-05-26
hostname email.sco.gov.pk.viewdoc.online 2025-05-26
hostname emv1.army-govbd.info 2025-05-26
hostname esxipubad-gov-lk.org-co.net 2025-05-26
hostname fa-gov-lk.dwnlld.info 2025-05-26
hostname geninstr.army-govbd.info 2025-05-26
hostname gov-lk.org-liv.net 2025-05-26
hostname gso2.mail163.info 2025-05-26
hostname hisidewindersidewinder.pimec-paknavy.updates-installer.store 2025-05-26
hostname imec-paknavy.updates-installer.store 2025-05-26
hostname infomfa-gov-lk.dwnlld.info 2025-05-26
hostname interior-gov-pk.mail-govt.org 2025-05-26
hostname jtops.milqq.info 2025-05-26
hostname lolsidewindersidewinder.nic-svc.net 2025-05-26
hostname mail-mofa-gov.org-liv.net 2025-05-26
hostname mail.army-govbd.info 2025-05-26
hostname mail.nepla.gov.np.onlinestatus.live 2025-05-26
hostname mail.ntc.net.pk.onlinestatus.live 2025-05-26
hostname mail.ntc.net.pk.vpdf.online 2025-05-26
hostname mail.paf.gov.pk.onlinestatus.live 2025-05-26
hostname mail.pof.gov.pk.onlinestatus.live 2025-05-26
hostname mfa-gov-lk.dwnlld.info 2025-05-26
hostname mod-gov-bd.dwnlld.info 2025-05-26
hostname mod-gov-bd.live-co.org 2025-05-26
hostname mod-gov-bd.org-liv.net 2025-05-26
hostname modltr.info-lanka.org 2025-05-26
hostname mof-gov-bd.nic-svc.net 2025-05-26
hostname mof-gov-np.dwnlld.info 2025-05-26
hostname mofa-gov-bd.dwnlld.info 2025-05-26
hostname mofa-gov-bd.live-co.org 2025-05-26
hostname mofa-gov-np.live-co.org 2025-05-26
hostname mofa-gov-np.net-src.info 2025-05-26
hostname mofa-gov-np.org-liv.net 2025-05-26
hostname moitt-gov-pk.dwnlld.info 2025-05-26
hostname paknavy.modpak.live 2025-05-26
hostname pimec-paknavy.updates-installer.store 2025-05-26
hostname postmaster.net-co.info 2025-05-26
hostname prison-gov-bd.dwnlld.info 2025-05-26
hostname probashi-gov-bd.mail-govt.org 2025-05-26
hostname probashi-gov-bd.net-src.info 2025-05-26
hostname pubad-gov-lk.live-co.org 2025-05-26
hostname pubad-gov-lk.net-src.info 2025-05-26
hostname pubad-gov-lk.org-co.net 2025-05-26
hostname pubad-gov-lk.org-liv.net 2025-05-26
hostname treasury-gov-lk.nic-svc.net 2025-05-26
hostname vt.metadata.submitter.country 2025-05-26
hostname www-cabinetoffice-gov-lk.mail-govt.org 2025-05-26
hostname www-cbsl-gov-lk.dwnlld.com 2025-05-26
hostname www-cbsl-gov-lk.dwnlld.info 2025-05-26
hostname www-cbsl-gov-lk.dwnlld.infomfa-gov-lk.dwnlld.info 2025-05-26
hostname www-erd-gov-lk.dwnlld.info 2025-05-26
hostname www-erd-gov-lk.nic-svc.net 2025-05-26
hostname www-presidentsoffice-gov-lk.dwnlld.com 2025-05-26
hostname www-treasury-gov-lk.org-liv.net 2025-05-26
hostname www.army-govbd.info 2025-05-26
hostname www.customs-gov-lk.net-co.info 2025-05-26
hostname www.dwnlld.info 2025-05-26
hostname www.info-lanka.org 2025-05-26
hostname www.treasury-gov-lk.nic-svc.net 2025-05-26
hostname wwww.nic-svc.net 2025-05-26
hostname xcfhg.dwnlld.info 2025-05-26
References (1)
↗ https://www.acronis.com/en-us/cyber-protection-center/posts/from-banks-to-battalions-sidewinders-attacks-on-south-asias-public-sector/