← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
IOC - MuddyWater: Snakes by the riverbank
WHITE celestre 2025-12-03 Modified: 2026-01-02
68
IOCs
HIGH VOLUME
ESET researchers have identified new MuddyWater activity primarily targeting organizations in Israel, with one confirmed target in Egypt. MuddyWater, also referred to as Mango Sandstorm or TA450, is an Iran-aligned cyberespionage group known for its persistent targeting of government and critical infrastructure sectors, often leveraging custom malware and publicly available tools.
gosocks5foodermuddywaterc servermuddywater cblubcenotesna hosterdaddyprivatelpnotesmimikatzfirstnovamuddyviper
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
MuddyWater MuddyViper
Indicators of Compromise (2 / 68 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 11ee5f269902e37ab15e8ae2c5d37412 MD5 of 007b5cd6d6acf972f7743f79e23cab9bb2ecbee3 2025-12-03
FileHash-MD5 c851e849c8442727eac69225203ee7f7 MD5 of a9747a3f58f8f408fecefc48db0a18a1cb6dacae 2025-12-03
References (1)
↗ https://www.welivesecurity.com/en/eset-research/muddywater-snakes-riverbank/