← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Threat Actors Weaponize Gopackages to Deliver Obfuscated Remote Payloads
Cybersecurity researchers have uncovered a sophisticated malware campaign targeting the Go programming language ecosystem through eleven malicious packages and ten of which are still active on the Go Module registry.
Indicators of Compromise (28)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-MD5 | 543a58beb485c2aec5ea49da0eaf0db2 | MD5 of 42f3f9d2684328575847f3115fcd6f759cc47b0f21b3d4fea480de0f34a1e947 | 2025-08-08 | |
| FileHash-MD5 | ac854c6af3b925b141517d1a376e43a4 | MD5 of 844013025bf7c5d01e6f48df0e990103ad3c333be31f54cf5301e1463f6ca441 | 2025-08-08 | |
| FileHash-MD5 | f6896aef03c640e5f53b0054ce9571e6 | MD5 of 4a8bf419424ff42b736a51472d35a2c172e4c60b762c519b0b2f9eb04690726c | 2025-08-08 | |
| FileHash-SHA1 | 55ee6111b8b88761280c38a0f6369216a321a459 | SHA1 of 42f3f9d2684328575847f3115fcd6f759cc47b0f21b3d4fea480de0f34a1e947 | 2025-08-08 | |
| FileHash-SHA1 | 9dc1d65336631737c55f03c0c1efdfa36fbdc396 | SHA1 of 4a8bf419424ff42b736a51472d35a2c172e4c60b762c519b0b2f9eb04690726c | 2025-08-08 | |
| FileHash-SHA1 | d953dfe92c57e6eea38247ba2ae332b064d8b0b9 | SHA1 of 844013025bf7c5d01e6f48df0e990103ad3c333be31f54cf5301e1463f6ca441 | 2025-08-08 | |
| FileHash-SHA256 | 2b55430b90a500cb2bb9ddc530aeb1ffb8d2f8878148b7204ab7ef998d66eb9d | — | 2025-08-08 | |
| FileHash-SHA256 | 42f3f9d2684328575847f3115fcd6f759cc47b0f21b3d4fea480de0f34a1e947 | — | 2025-08-08 | |
| FileHash-SHA256 | 4a8bf419424ff42b736a51472d35a2c172e4c60b762c519b0b2f9eb04690726c | — | 2025-08-08 | |
| FileHash-SHA256 | 844013025bf7c5d01e6f48df0e990103ad3c333be31f54cf5301e1463f6ca441 | — | 2025-08-08 | |
| FileHash-SHA256 | c8ae8d69f465f2d1ca88907e75471299acbb76b5663dacca1520aaa4d99d7b43 | — | 2025-08-08 | |
| URL | https://alturastreet.icu/storage/de373d0df/a31546bf | 71b45e74b8fcc4d9f16d80f5713565738d23a8b13e293bc456b66bc263580f33 | 2025-08-08 | |
| URL | https://carvecomi.fun/storage/de373d0df/a31546bf | — | 2025-08-08 | |
| URL | https://infinityhel.icu/storage/bbb28ef04/fa31546b | — | 2025-08-08 | |
| URL | https://infinityhel.icu/storage/de373d0df/a31546bf | — | 2025-08-08 | |
| URL | https://kaiaflow.icu/storage/bbb28ef04/fa31546b | — | 2025-08-08 | |
| URL | https://kaiaflow.icu/storage/de373d0df/a31546bf | — | 2025-08-08 | |
| URL | https://kavarecent.icu/storage/de373d0df/a31546bf | — | 2025-08-08 | |
| URL | https://monsoletter.icu/storage/de373d0df/a31546bf | — | 2025-08-08 | |
| URL | https://monsoletter.icu/storage/de373d0df/f0eee999 | — | 2025-08-08 | |
| URL | https://nymclassic.tech/storage/de373d0df/a31546bf | — | 2025-08-08 | |
| domain | alturastreet.icu | — | 2025-08-08 | |
| domain | carvecomi.fun | — | 2025-08-08 | |
| domain | infinityhel.icu | — | 2025-08-08 | |
| domain | kaiaflow.icu | — | 2025-08-08 | |
| domain | kavarecent.icu | — | 2025-08-08 | |
| domain | monsoletter.icu | — | 2025-08-08 | |
| domain | nymclassic.tech | — | 2025-08-08 |