← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
APT: Android, Phishing, microsofT.
WHITE PetrP.73 2025-08-25 Modified: 2025-08-25
117
IOCs
HIGH VOLUME
A South Asian Advanced Persistent Threat (APT) group has been actively targeting individuals associated with military and defense sectors in Sri Lanka, Bangladesh, Pakistan, and Turkey. This threat actor employs a combination of sophisticated techniques to compromise mobile devices, particularly Android phones. The group's infrastructure and novel malware tooling have been designed to bypass security measures and facilitate espionage operations.
stronggeneraldgdpbangladeshgovernmentbangladesh airfigureministrychiefarmy staffandroidphishingdecoydemophishfirstdemonrafel rataprilfebruaryasianrafel
Indicators of Compromise (4 / 117 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname email
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA1 74f8de4edd555c9d334bc66cef11831a87a3d033 SHA1 of b8eda465ffbc197d80a9ce7ab785f07a 2025-08-25
FileHash-SHA1 8c47707ef68a9576c0b48a0a99d82f31f67cd762 SHA1 of 9a7510e780ef40d63ca5ab826b1e9dab 2025-08-25
FileHash-SHA1 8e1cbfe683bc4587cdbfaba37d71f8241693ea54 SHA1 of 3b26fcd7c6994598dc53bb3f69725d68 2025-08-25
FileHash-SHA1 c84d4ee410ed56ccad32641f28881ba154a7b6aa SHA1 of 4e13a48db966b3ebffb1fd49b3d2af8e 2025-08-25
References (1)
↗ https://strikeready.com/blog/apt-android-phishing-microsoft/