← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
ZipLine Phishing Campaign Targets U.S. Manufacturing - Check Point Research
WHITE CyberHunter_NL 2025-08-27 Modified: 2025-09-26
30
IOCs
MEDIUM VOLUME
stringmixshellzip archiveziplinecontactzip fileip addresscom objectcheck pointdns txtpowershellformmarkersmall
Indicators of Compromise (14 / 30 total)
All FileHash-SHA256 domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 155bccbd11066ce5bf117537d140b920f9b98eaa0d3b86bdc8a04ac702a7a1ef 2025-08-27
FileHash-SHA256 15d024631277f72df40427b8c50e354b340fac38b468f34826cc613b4650e74c 2025-08-27
FileHash-SHA256 2c7bc0ebbbfa282fc3ed3598348d361914fecfea027712f47c4f6cfcc705690f 2025-08-27
FileHash-SHA256 36b065f19f1ac2642c041002bc3e28326bec0aa08d288ca8a2d5c0d7a82b56e6 2025-08-27
FileHash-SHA256 4dcff9a3a71633d89a887539e5d7a3dd6cc239761e9a42f64f42c5c4209d2829 2025-08-27
FileHash-SHA256 71dec9789fef835975a209f6bc1a736c4f591e5eeab20bdff63809553085b192 2025-08-27
FileHash-SHA256 81c1a8e624306c8a66a44bfe341ec70c6e3a3c9e70ac15c7876fcbbe364d01cd 2025-08-27
FileHash-SHA256 83b27e52c420b6132f8034e7a0fd9943b1f4af3bdb06cdbb873c80360e1e5419 2025-08-27
FileHash-SHA256 d39e177261ce9a354b4712f820ada3ee8cd84a277f173ecfbd1bf6b100ddb713 2025-08-27
FileHash-SHA256 d6e1e4cc89c01d5c944ac83b85efa27775103b82fece5a6f83be45e862a4b61e 2025-08-27
FileHash-SHA256 e69d8b96b106816cb732190bc6f8c2693aecb6056b8f245e2c15841fcb48ff94 2025-08-27
FileHash-SHA256 f44107475d3869253f393dbcb862293bf58624c6e8e3f106102cf6043d68b0af 2025-08-27
FileHash-SHA256 f531bec8ad2d6fddef89e652818908509b7075834a083729cc84eef16c6957d2 2025-08-27
FileHash-SHA256 f5a80b08d46b947ca42ac8dbd0094772aa3111f020a4d72cb2edc4a6c9c37926 2025-08-27
References (1)
↗ https://research.checkpoint.com/2025/zipline-phishing-campaign/