Pulse Detail — Threat Intelligence

PULSE NAME

Strike Ready

WHITE CyberHunter_NL 2025-08-27 Modified: 2025-08-27

IOCs

HIGH VOLUME

A South Asian APT has been targeting military-adjacent people in Pakistan, Sri Lanka, Pakistan and Turkey, exposing novel tooling and a new generation of malware that targets those who work in the military.

MITRE ATT&CK & Malware Families

MALWARE FAMILIES

Asian Rafel

Indicators of Compromise (88)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	01011bd3c58141165f2a4551f4c40609	—	2025-08-27
FileHash-MD5	0d106fd047d6a744b1dbecddbe9c2e99	—	2025-08-27
FileHash-MD5	12b6483d4843e99b57b86379197208cd	—	2025-08-27
FileHash-MD5	33fe3e792a0e98fb890b6393f31ae5cb	—	2025-08-27
FileHash-MD5	3b26fcd7c6994598dc53bb3f69725d68	—	2025-08-27
FileHash-MD5	3c47053adffd39b467592d13398060b5	—	2025-08-27
FileHash-MD5	4e13a48db966b3ebffb1fd49b3d2af8e	—	2025-08-27
FileHash-MD5	65a08e14ca41bfedf483d1ada74844a9	—	2025-08-27
FileHash-MD5	67e7cf00aa82d9b4cf0db2b55b7fb0b9	—	2025-08-27
FileHash-MD5	6e930ad2ab7e97da818f54bfbb45b759	—	2025-08-27
FileHash-MD5	73f142ae7c6c10fbb18f439b6410af4f	—	2025-08-27
FileHash-MD5	78bc9707f298552b7087ef385f098912	—	2025-08-27
FileHash-MD5	94e6911b0a99b54391735dfc70b4187d	—	2025-08-27
FileHash-MD5	9a7510e780ef40d63ca5ab826b1e9dab	—	2025-08-27
FileHash-MD5	abbb7063e3a6d03cf180f73b6ac15ee2	—	2025-08-27
FileHash-MD5	aef81736c6dcaf8b67775602cbf9ccbd	—	2025-08-27
FileHash-MD5	b8eda465ffbc197d80a9ce7ab785f07a	—	2025-08-27
FileHash-MD5	c2ee24fb4aa103b4c1a8e8169d3a9f47	—	2025-08-27
FileHash-MD5	c8d2bf204349853b6d7d810ed2698924	—	2025-08-27
FileHash-MD5	ce417487ac9ccfbb31fa28fde9365fd7	—	2025-08-27
FileHash-MD5	cf9914eca9f8ae90ddd54875506459d6	—	2025-08-27
FileHash-MD5	dfa353ac65b29df7d14f72aca7d52f12	—	2025-08-27
FileHash-MD5	e573a2cd2b6a24255c400055d06342b9	—	2025-08-27
FileHash-SHA1	48d1fa9a742d974a66efada6ff16c83659332820	SHA1 of 01011bd3c58141165f2a4551f4c40609	2025-08-27
FileHash-SHA1	74f8de4edd555c9d334bc66cef11831a87a3d033	SHA1 of b8eda465ffbc197d80a9ce7ab785f07a	2025-08-27
FileHash-SHA1	8c47707ef68a9576c0b48a0a99d82f31f67cd762	SHA1 of 9a7510e780ef40d63ca5ab826b1e9dab	2025-08-27
FileHash-SHA1	8e1cbfe683bc4587cdbfaba37d71f8241693ea54	SHA1 of 3b26fcd7c6994598dc53bb3f69725d68	2025-08-27
FileHash-SHA1	c84d4ee410ed56ccad32641f28881ba154a7b6aa	SHA1 of 4e13a48db966b3ebffb1fd49b3d2af8e	2025-08-27
FileHash-SHA256	1499d8282ef4c2b5efa033ad74567757649ee5777d5f995f04b691b78f0518bf	SHA256 of b8eda465ffbc197d80a9ce7ab785f07a	2025-08-27
FileHash-SHA256	33bee15de0506e8921b10f0875f0944660521d9545210b4a2ab3e884b86e44e5	SHA256 of 3b26fcd7c6994598dc53bb3f69725d68	2025-08-27
FileHash-SHA256	a7b1c213266d46c0debc0f67e0ae52cd6d746421abc4a6acc127ad26377fc3a7	SHA256 of 9a7510e780ef40d63ca5ab826b1e9dab	2025-08-27
FileHash-SHA256	d3d706c98545690a4e7f73c65501284586256dc6dae925ef16d36e1bba5b789b	SHA256 of 4e13a48db966b3ebffb1fd49b3d2af8e	2025-08-27
FileHash-SHA256	fe6fa7f3201febf07362a327cc178c9587c403350073211bb5d5cb39fd82a63a	SHA256 of 01011bd3c58141165f2a4551f4c40609	2025-08-27
URL	http://quickhelpsolve.com/asdf.6786708906	—	2025-08-27
URL	http://updatemind52.com/Love_Chat.apk	—	2025-08-27
URL	http://updatemind52.com/Love_Chat.apk.	—	2025-08-27
URL	http://updatemind52.com/asdf.6786708906	—	2025-08-27
URL	https://quickhelpsolve.com/public/commands.php	—	2025-08-27
domain	downloadattachment.com	—	2025-08-27
domain	inboxofficial-bd.com	—	2025-08-27
domain	isexychat.com	—	2025-08-27
domain	kutcat-rat.com	—	2025-08-27
domain	lovehabibi.com	—	2025-08-27
domain	mailbox-inbox-bd.com	—	2025-08-27
domain	mailbox3-inbox1-bd.com	—	2025-08-27
domain	mailserver-lk.com	—	2025-08-27
domain	mailservicess.com	—	2025-08-27
domain	play-googyle.com	—	2025-08-27
domain	playservicess.com	—	2025-08-27
domain	quickhelpsolve.com	—	2025-08-27
domain	securedownloadfiles.com	—	2025-08-27
domain	updatemind52.com	—	2025-08-27
hostname	apm.vpce.gdw55e.quickhelpsolve.com	—	2025-08-27
hostname	bsgrouponline.com.webmail.pdf.updatemind52.com	—	2025-08-27
hostname	cloud.file.pdf.updatemind52.com	—	2025-08-27
hostname	cloud.files.pdf.updatemind52.com	—	2025-08-27
hostname	cloud.national.email.file.updatemind52.com	—	2025-08-27
hostname	cloud.national.email.pdf.updatemind52.com	—	2025-08-27
hostname	cloud.secured.file.updatemind52.com	—	2025-08-27
hostname	drive.egovcloud.gov.bd.quickhelpsolve.com	—	2025-08-27
hostname	ebmail.police.gov.bd.updatemind52.com	—	2025-08-27
hostname	gov.bd.cloud.file.updatemind52.com	—	2025-08-27
hostname	gov.bd.file.pdf.updatemind52.com	—	2025-08-27
hostname	gov.bd.file.quickhelpsolve.com	—	2025-08-27
hostname	gov.bd.file.updatemind52.com	—	2025-08-27
hostname	gov.bd.pdf.updatemind52.com	—	2025-08-27
hostname	gov.bd.secured.updatemind52.com	—	2025-08-27
hostname	live.login.account.out.quickhelpsolve.com	—	2025-08-27
hostname	mail.163.com.files.updatemind52.com	—	2025-08-27
hostname	mail.awany.org.file.updatemind52.com	—	2025-08-27
hostname	mail.baf.mil.bd.pdf.quickhelpsolve.com	—	2025-08-27
hostname	mail.bangladesh.air.quickhelpsolve.com	—	2025-08-27
hostname	mail.bcc.gov.bd.pdf.quickhelpsolve.com	—	2025-08-27
hostname	mail.bhclondon.org.uk.quickhelpsolve.com	—	2025-08-27
hostname	mail.drive.gov.bd.files.updatemind52.com	—	2025-08-27
hostname	mail.gov.bd.account.file.updatemind52.com	—	2025-08-27
hostname	mail.mofa.gov.pk.file.updatemind52.com	—	2025-08-27
hostname	mail.mofa.gov.pk.pdf.updatemind52.com	—	2025-08-27
hostname	mailairforce.quickhelpsolve.com	—	2025-08-27
hostname	mails.navy.mll.bd.account.file.centralized-email-system-np.com	—	2025-08-27
hostname	profen.com.fil.login.updatemind52.com	—	2025-08-27
hostname	webmail.bmsdefence.com.pdf.updatemind52.com	—	2025-08-27
hostname	webmail.paragonms.com.pk.pdf.updatemind52.com	—	2025-08-27
hostname	webmail.police.gov.bd.updatemind52.com	—	2025-08-27
hostname	webmail.profen.com.pdf.updatemind52.com	—	2025-08-27
hostname	webmail.timgosavunma.com.tr.file.updatemind52.com	—	2025-08-27
hostname	webmil.assangroup.com.tr.asd.updatemind52.com	—	2025-08-27
hostname	www.centralized-email-system-np.com	—	2025-08-27

References (1)

↗ https://strikeready.com/blog/apt-android-phishing-microsoft/