Pulse Detail — Threat Intelligence

PULSE NAME

APT41: Innovative Tactics and Techniques in Cyber Espionage.

WHITE PetrP.73 2025-05-29 Modified: 2025-05-29

IOCs

HIGH VOLUME

Persistent threat group APT41, known for its innovative tactics and multifaceted operations in cyber espionage. The article examines APT41's unique methodologies, highlighting their ability to pivot across sectors and geographies while employing a range of sophisticated techniques.

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1071.001 T1190 T1203 T1566 T1105 T1486

MALWARE FAMILIES

TOUGHPROGRESS

Indicators of Compromise (81)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 YARA hostname URL domain

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	1ca609e207edb211c8b9566ef35043b6	—	2025-05-29
FileHash-MD5	2ec4eeeabb8f6c2970dcbffdcdbd60e3	MD5 of 151257e9dfda476cdafd9983266ad3255104d72a66f9265caa8417a5fe1df5d7	2025-05-29
FileHash-MD5	65da1a9026cf171a5a7779bc5ee45fb1	MD5 of 3b88b3efbdc86383ee9738c92026b8931ce1c13cd75cd1cda2fa302791c2c4fb	2025-05-29
FileHash-MD5	876fb1b0275a653c4210aaf01c2698ec	MD5 of 469b534bec827be03c0823e72e7b4da0b84f53199040705da203986ef154406a	2025-05-29
FileHash-SHA1	a04cff8208769ecdc43e14291273c3a540199d07	SHA1 of 469b534bec827be03c0823e72e7b4da0b84f53199040705da203986ef154406a	2025-05-29
FileHash-SHA1	a6a29946269107b9fd3bcd85386ef9d7438b7ae1	SHA1 of 3b88b3efbdc86383ee9738c92026b8931ce1c13cd75cd1cda2fa302791c2c4fb	2025-05-29
FileHash-SHA1	e7ad8d1d670757eba247d4992af54a9003e35a7d	SHA1 of 151257e9dfda476cdafd9983266ad3255104d72a66f9265caa8417a5fe1df5d7	2025-05-29
FileHash-SHA256	151257e9dfda476cdafd9983266ad3255104d72a66f9265caa8417a5fe1df5d7	—	2025-05-29
FileHash-SHA256	3b88b3efbdc86383ee9738c92026b8931ce1c13cd75cd1cda2fa302791c2c4fb	—	2025-05-29
FileHash-SHA256	469b534bec827be03c0823e72e7b4da0b84f53199040705da203986ef154406a	—	2025-05-29
FileHash-SHA256	50124174a4ac0d65bf8b6fd66f538829d1589edc73aa7cf36502e57aa5513360	—	2025-05-29
FileHash-MD5	39a46d7f1ef9b9a5e40860cd5f646b9d	—	2025-05-29
YARA	064e96b69044be8968162fed9d6c58ff62676b36	—	2025-05-29
hostname	term-restore-satisfied-hence.trycloudflare.com	—	2025-05-29
hostname	ways-sms-pmc-shareholders.trycloudflare.com	—	2025-05-29
hostname	cloud.msapp.workers.dev	—	2025-05-29
hostname	pubs.infinityfreeapp.com	—	2025-05-29
hostname	resource.infinityfreeapp.com	—	2025-05-29
hostname	word.msapp.workers.dev	—	2025-05-29
URL	http://ways-sms-pmc-shareholders.trycloudflare.com/public/sa150_notes_2024.lnk	—	2025-05-29
domain	infinityfreeapp.com	—	2025-05-29
URL	https://resource.infinityfreeapp.com/0023012	—	2025-05-29
URL	https://resource.infinityfreeapp.com/0023012-317.html	—	2025-05-29
URL	https://resource.infinityfreeapp.com/ABC_of_Tax.html	—	2025-05-29
URL	https://resource.infinityfreeapp.com/steuerratgeber.html	—	2025-05-29
URL	http://pubs.infinityfreeapp.com/IRS_P966.html	—	2025-05-29
URL	http://pubs.infinityfreeapp.com/La_dichiarazione_precompilata_2024.html	—	2025-05-29
URL	http://pubs.infinityfreeapp.com/Notice_pour_remplir_la_N°_2044.html	—	2025-05-29
URL	http://pubs.infinityfreeapp.com/Steuerratgeber.html	—	2025-05-29
URL	http://pubs.infinityfreeapp.com/sa150_notas_2024.html	—	2025-05-29
URL	http://pubs.infinityfreeapp.com/sa150_notes_2024.html/	—	2025-05-29
URL	http://pubs.infinityfreeapp.com/sa150_notes_2024.htmlÂ	—	2025-05-29
URL	http://pubs.infinityfreeapp.com/steuerratgeber.html	—	2025-05-29
URL	https://pubs.infinityfreeapp.com/IRS_P966.HTML	—	2025-05-29
URL	https://pubs.infinityfreeapp.com/IRS_P966.html	—	2025-05-29
URL	https://pubs.infinityfreeapp.com/La_dichiarazione_precompilata_2024.HTML	—	2025-05-29
URL	https://pubs.infinityfreeapp.com/La_dichiarazione_precompilata_2024.html	—	2025-05-29
URL	https://pubs.infinityfreeapp.com/Notice_pour_remplir_la_N°_2044.HTML	—	2025-05-29
URL	https://pubs.infinityfreeapp.com/Notice_pour_remplir_la_N°_2044.html	—	2025-05-29
URL	https://pubs.infinityfreeapp.com/SA150_Notes_2024.HTML	—	2025-05-29
URL	https://pubs.infinityfreeapp.com/Steuerratgeber.HTML	—	2025-05-29
URL	https://pubs.infinityfreeapp.com/Steuerratgeber.html	—	2025-05-29
URL	https://pubs.infinityfreeapp.com/SA150_Notes_2024.html	—	2025-05-29
hostname	abc-group-online-shop.infinityfreeapp.com	—	2025-05-29
hostname	aramex-express-delivery.infinityfreeapp.com	—	2025-05-29
hostname	create2.infinityfreeapp.com	—	2025-05-29
hostname	forevercafe.infinityfreeapp.com	—	2025-05-29
hostname	iplblog.infinityfreeapp.com	—	2025-05-29
hostname	mtmsk.infinityfreeapp.com	—	2025-05-29
hostname	netfly.infinityfreeapp.com	—	2025-05-29
hostname	pa3tuitionpoint.infinityfreeapp.com	—	2025-05-29
hostname	petcarehomeservice.infinityfreeapp.com	—	2025-05-29
hostname	spiertzd2.infinityfreeapp.com	—	2025-05-29
hostname	taziddeneu.infinityfreeapp.com	—	2025-05-29
hostname	urhohongisto.infinityfreeapp.com	—	2025-05-29
hostname	vikachu1.infinityfreeapp.com	—	2025-05-29
hostname	www.learning-wordpress.infinityfreeapp.com	—	2025-05-29
hostname	zubalstani2.infinityfreeapp.com	—	2025-05-29
URL	http://aramex-express-delivery.infinityfreeapp.com/	—	2025-05-29
URL	http://banappleph.infinityfreeapp.com/	—	2025-05-29
URL	http://bonogas.infinityfreeapp.com/	—	2025-05-29
URL	http://erditsosmed.infinityfreeapp.com/	—	2025-05-29
URL	http://netfly.infinityfreeapp.com/	—	2025-05-29
URL	http://outlook-spd-de.infinityfreeapp.com/	—	2025-05-29
URL	http://studentdockaraveen.infinityfreeapp.com/	—	2025-05-29
URL	http://www-bni-humputan.infinityfreeapp.com/	—	2025-05-29
URL	https://aramex-express-delivery.infinityfreeapp.com/	—	2025-05-29
URL	https://banappleph.infinityfreeapp.com/	—	2025-05-29
URL	https://bank0faerica.infinityfreeapp.com/	—	2025-05-29
URL	https://bonogas.infinityfreeapp.com/	—	2025-05-29
URL	https://e-pandemislem.infinityfreeapp.com/	—	2025-05-29
URL	https://elrincondelmovil.infinityfreeapp.com/	—	2025-05-29
URL	https://filehosting.infinityfreeapp.com/	—	2025-05-29
URL	https://forevercafe.infinityfreeapp.com/	—	2025-05-29
URL	https://intechiot.infinityfreeapp.com/index.php	—	2025-05-29
URL	https://navajo7310.infinityfreeapp.com/	—	2025-05-29
URL	https://opendocument.infinityfreeapp.com/	—	2025-05-29
URL	https://petcarehomeservice.infinityfreeapp.com/	—	2025-05-29
domain	my5353.com	—	2025-05-29
domain	reurl.cc	—	2025-05-29
domain	lihi.cc	—	2025-05-29