PULSE NAME
Win.Trojan.Uniblue-9873211-0 (?) - formerly 'Cycbot' active in Law Firm
WHITE Q.Vashti 2025-06-04 Modified: 2025-07-04
155 IOCs
HIGH VOLUME
Win.Trojan.Uniblue-9873211-0 - formerly 'Cycbot' active in regional injury Law Firm. Suspicious and inconsistent behavior of phone staff prompts search due to several complaints. Reputable Law firm unwilling to take actual cases with severe evidence-based injuries, backpedaling, information gathering, potentially tampered with data due to missing reports exchanged via email, etc. Denies hearing from clients, potential clients in months to years though much contact has been made and information medical, PHI, PII, and other information shared. In a recent situation firm declined case previously accepted but did want to review a piece of information they had not received from denied potential client. The client will contact legitimate, reputable firms referred to and is redirected to botnets. Affected individuals have been denied the right to pursue justice on multiple occasions due to "who knows". Had individuals been accused of crimes they would even be able to obtain free representation when necessary.
Indicators of Compromise (46 / 155 total)