← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network
WHITE CyberHunter_NL 2025-10-21 Modified: 2025-11-20
36
IOCs
MEDIUM VOLUME
Find out more about Darktrace, the artificial intelligence (AI) technology company, which helps companies detect, prevent and respond to cyber attacks across a range of industries. £1.5bn
networkdarktraceanomalycyber aianalystsignificantip addressaugustredacteddc2esxi devicepossiblemonitoringakiramimikatzanydeskwinrarwinscprubydownloadexploitiobit
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
IObit Akira
Indicators of Compromise (23 / 36 total)
All URL CVE FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain hostname
TYPEINDICATORDESCRIPTIONCREATED
URL https://www.s-rminform.com/latest-thinking/derailing-akira-cyber-threat-intelligence 2025-10-21
URL http://137.184.126.86:8080/vmwaretools 2025-10-21
URL http://156.244.28.153/17ABE7F017ABE7F0 2025-10-21
URL http://85.239.52.96:8000/vmwarecli 2025-10-21
URL http://89.31.121.101:443//Dialog.dat 2025-10-21
URL http://89.31.121.101:443/1.txt 2025-10-21
URL http://89.31.121.101:443/123.tar 2025-10-21
URL http://89.31.121.101:443/123.txt 2025-10-21
URL http://89.31.121.101:443/DgApi.dll 2025-10-21
URL http://89.31.121.101:443/DisplayDialog.exe 2025-10-21
URL http://89.31.121.101:443/NortonLog.txt 2025-10-21
URL http://89.31.121.101:443/WINMM.dll 2025-10-21
URL http://89.31.121.101:443/dbindex.dat 2025-10-21
URL http://89.31.121.101:443/fltLib.dll 2025-10-21
URL http://89.31.121.101:443/imfsbDll.dll 2025-10-21
URL http://89.31.121.101:443/imfsbSvc.exe 2025-10-21
URL http://89.31.121.101:443/pdc.exe 2025-10-21
URL https://fieldeffect.com/blog/update-akira-ransomware-group-targets-sonicwall-vpn-appliances 2025-10-21
URL https://lab52.io/blog/deedrat-backdoor-enhanced-by-chinese-apts-with-advanced-capabilities/ 2025-10-21
URL https://labs.lares.com/fear-kerberos-pt2/#UNPAC 2025-10-21
URL https://www.ransomware.live/map?year=2025&q=akira 2025-10-21
URL https://www.silentpush.com/blog/salt-typhoon-2025/ 2025-10-21
URL https://www.thehacker.recipes/ad/movement/kerberos/unpac-the-hash 2025-10-21
References (1)
↗ https://www.darktrace.com/blog/salty-much-darktraces-view-on-a-recent-salt-typhoon-intrusion