PULSE NAME
APT: Android, Phishing, microsofT.
WHITE PetrP.73 2025-08-25 Modified: 2025-08-25
A South Asian Advanced Persistent Threat (APT) group has been actively targeting individuals associated with military and defense sectors in Sri Lanka, Bangladesh, Pakistan, and Turkey. This threat actor employs a combination of sophisticated techniques to compromise mobile devices, particularly Android phones. The group's infrastructure and novel malware tooling have been designed to bypass security measures and facilitate espionage operations.
Indicators of Compromise (117)