BladedFeline: Unmasking the Iran-Aligned Cyberespionage Group
Dive into ESET's comprehensive analysis of BladedFeline, an Iran-aligned APT group with likely ties to OilRig. This report uncovers the group's sophisticated cyberespionage operations targeting Kurdish and Iraqi government officials. Learn about their advanced tools, including the Whisper backdoor and PrimeCache IIS module, and their persistent efforts to maintain access to high-ranking officials.
Indicators of Compromise (21)