← Back to Pulse Feed
PULSE DETAIL
Recently, the 360 Advanced Threat Team found that the Transparent Tribe group launched indiscriminate attacks against Windows and Linux systems, with targeted and covert attack methods. In a Windows environment, attackers use.ppam files as carriers to download malicious payloads by embedding macro code, which in turn triggers a complex multi-stage attack chain and ultimately achieves the purpose of stealing secrets; in a Linux environment, attackers use desktop applications to distribute malicious payloads, completing the attack by disguising the file name as the.pdf.desktop suffix to induce the user to execute it.
Indicators of Compromise (52)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-MD5 | 10b7139952e3daae8f9d7ee407696ccf | — | 2025-10-17 | |
| FileHash-MD5 | 1ded71930d997de43a68e098d232e2e5 | — | 2025-10-17 | |
| FileHash-MD5 | 311f9894297fb1624a2c99ac5c8d8abf | — | 2025-10-17 | |
| FileHash-MD5 | 3d272caf8bd0342550d65a425ef86f4d | — | 2025-10-17 | |
| FileHash-MD5 | 55c020ba4045b92622bf0e0a43b3ca9d | — | 2025-10-17 | |
| FileHash-MD5 | 5a25a5fc22f2adfe42ac493fd3757f6f | — | 2025-10-17 | |
| FileHash-MD5 | 7405ce819ef85fd219c6a204b48cdae1 | — | 2025-10-17 | |
| FileHash-MD5 | 9fceef2d082a1df7779f5a09311c9a76 | — | 2025-10-17 | |
| FileHash-MD5 | a484f85d132609a4a6b5ed65ece7d331 | — | 2025-10-17 | |
| FileHash-MD5 | ab6022bde19d8495c56812ef5d1c6186 | — | 2025-10-17 | |
| FileHash-MD5 | abd95f897f392b19873d5fb0c7df8316 | — | 2025-10-17 | |
| FileHash-MD5 | aff4b4f121aba5046f781fc6aafe8de2 | — | 2025-10-17 | |
| FileHash-MD5 | e1b4572ea0780c963043819016f4c7a8 | — | 2025-10-17 | |
| FileHash-MD5 | ed923d191cc1f60b189b8356fdbf64d8 | — | 2025-10-17 | |
| FileHash-SHA1 | 1982f09bfab3a6688bb80249a079db1a759214b7 | SHA1 of a484f85d132609a4a6b5ed65ece7d331 | 2025-10-17 | |
| FileHash-SHA1 | 1f9a48ab60d15b292307b97e954b5cc3b4e91c31 | SHA1 of 9fceef2d082a1df7779f5a09311c9a76 | 2025-10-17 | |
| FileHash-SHA1 | 3d0d953b8469d0c138f8cb46532c1897c4ca8543 | SHA1 of abd95f897f392b19873d5fb0c7df8316 | 2025-10-17 | |
| FileHash-SHA1 | 4890bdfa16781fdad38ac0446106e1b892efd9b6 | SHA1 of 7405ce819ef85fd219c6a204b48cdae1 | 2025-10-17 | |
| FileHash-SHA1 | 516e2e684eaa09dd88c9d5d78144d8794ec87a3f | SHA1 of e1b4572ea0780c963043819016f4c7a8 | 2025-10-17 | |
| FileHash-SHA1 | 56a3ae43b1b6b846121a46f5d0b0b13c12d025d5 | SHA1 of 55c020ba4045b92622bf0e0a43b3ca9d | 2025-10-17 | |
| FileHash-SHA1 | 68056493bc4e2089f391f0ffce6fdbb2f86effab | SHA1 of aff4b4f121aba5046f781fc6aafe8de2 | 2025-10-17 | |
| FileHash-SHA1 | 8cbd09508dd727ba27fe6ba56be1b81fae03ec4b | SHA1 of 1ded71930d997de43a68e098d232e2e5 | 2025-10-17 | |
| FileHash-SHA1 | 8d2d4bc0222730ab47c442f2910982a57ba95421 | SHA1 of ab6022bde19d8495c56812ef5d1c6186 | 2025-10-17 | |
| FileHash-SHA1 | b4760af337e8d014bafc61c5a5fbd6f0cde623a7 | SHA1 of ed923d191cc1f60b189b8356fdbf64d8 | 2025-10-17 | |
| FileHash-SHA1 | d50c30ca2b06f8d1a57dfc83e4b9891c711ca932 | SHA1 of 3d272caf8bd0342550d65a425ef86f4d | 2025-10-17 | |
| FileHash-SHA1 | df9139671201190db40e4433a3c078a632011077 | SHA1 of 5a25a5fc22f2adfe42ac493fd3757f6f | 2025-10-17 | |
| FileHash-SHA1 | e33ea8b36b841c6ef2703172c96148defce65458 | SHA1 of 311f9894297fb1624a2c99ac5c8d8abf | 2025-10-17 | |
| FileHash-SHA1 | f2ada639ba011727b5036c804e30ca37cb61d432 | SHA1 of 10b7139952e3daae8f9d7ee407696ccf | 2025-10-17 | |
| FileHash-SHA256 | 10b54abba525686869c9da223250f70270a742b1a056424c943cfc438c40cc50 | SHA256 of 1ded71930d997de43a68e098d232e2e5 | 2025-10-17 | |
| FileHash-SHA256 | 24fa4e4d0cc17690c02cd73b108ada53f335be570976b2aa50249970ff8876d2 | SHA256 of ed923d191cc1f60b189b8356fdbf64d8 | 2025-10-17 | |
| FileHash-SHA256 | 264d88624ec527458d4734eff6f1e534fcacb77e5616ae61abed94a941389232 | SHA256 of ab6022bde19d8495c56812ef5d1c6186 | 2025-10-17 | |
| FileHash-SHA256 | 2c367dd5d608425a1b29c17b02c36fc6ed93894b195b28c74c018c314cde13ce | SHA256 of 9fceef2d082a1df7779f5a09311c9a76 | 2025-10-17 | |
| FileHash-SHA256 | 499f16ed2def90b3d4c0de5ca22d8c8080c26a1a405b4078e262a0a34bcb1e31 | SHA256 of e1b4572ea0780c963043819016f4c7a8 | 2025-10-17 | |
| FileHash-SHA256 | 6347f46d77a47b90789a1209b8f573b2529a6084f858a27d977bf23ee8a79113 | SHA256 of a484f85d132609a4a6b5ed65ece7d331 | 2025-10-17 | |
| FileHash-SHA256 | 662890bb5baba4a7a9ba718bdedd6991fbf9867c83e676172f5527617e05cafa | SHA256 of aff4b4f121aba5046f781fc6aafe8de2 | 2025-10-17 | |
| FileHash-SHA256 | 6cd0d4954b6f30d5690755251378200ec3eb12417e992b3d68c8a052f84d9bfc | SHA256 of 311f9894297fb1624a2c99ac5c8d8abf | 2025-10-17 | |
| FileHash-SHA256 | 869905271dacaf1d157dd5c8b75ac15899ab8cf4fc264c73a9cb0b7d9360f43a | SHA256 of 3d272caf8bd0342550d65a425ef86f4d | 2025-10-17 | |
| FileHash-SHA256 | 8f8da8861c368e74b9b5c1c59e64ef00690c5eff4a95e1b4fcf386973895bef1 | SHA256 of 10b7139952e3daae8f9d7ee407696ccf | 2025-10-17 | |
| FileHash-SHA256 | c58c40c266e4939127403452038be3378beea502aa96323f4c1d87c05fadaf7a | SHA256 of 5a25a5fc22f2adfe42ac493fd3757f6f | 2025-10-17 | |
| FileHash-SHA256 | dc64c34ba92375f8dc8ae8cf90a1f535a0aa5a29fcf965af5ad4982cd16e9d71 | SHA256 of abd95f897f392b19873d5fb0c7df8316 | 2025-10-17 | |
| FileHash-SHA256 | ece1620e218f2c8b68312c874697c183f400c72a42855d885fc00865e0ccc1a1 | SHA256 of 55c020ba4045b92622bf0e0a43b3ca9d | 2025-10-17 | |
| FileHash-SHA256 | eeb334c2907abd767cab490f92fa93931951a5f8ab8e8c79e4180528a3210156 | SHA256 of 7405ce819ef85fd219c6a204b48cdae1 | 2025-10-17 | |
| URL | http://101.99.94.109:8080 | — | 2025-10-17 | |
| URL | http://45.155.54.122:8080 | — | 2025-10-17 | |
| URL | http://45.155.54.28:8080 | — | 2025-10-17 | |
| domain | filestore.space | — | 2025-10-17 | |
| domain | modgovindia.space | — | 2025-10-17 | |
| domain | securestore.cv | — | 2025-10-17 | |
| domain | seemysitelive.store | — | 2025-10-17 | |
| domain | sinjita.store | — | 2025-10-17 | |
| domain | solarwindturbine.site | — | 2025-10-17 | |
| domain | trmm.space | — | 2025-10-17 |
References (1)