PULSE NAME
IOC - MuddyWater: Snakes by the riverbank
WHITE celestre 2025-12-03 Modified: 2026-01-02
68 IOCs
HIGH VOLUME
ESET researchers have identified new MuddyWater activity primarily targeting organizations in Israel, with one confirmed target in Egypt. MuddyWater, also referred to as Mango Sandstorm or TA450, is an Iran-aligned cyberespionage group known for its persistent targeting of government and critical infrastructure sectors, often leveraging custom malware and publicly available tools.
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
MuddyWater MuddyViper
Indicators of Compromise (2 / 68 total)
TYPE | INDICATOR | DESCRIPTION | CREATED
FileHash-SHA256 | 6020ea571ee6e09a0500421823fd5292858bd763acc4089a56af414cfb0c82ae | SHA256 of a9747a3f58f8f408fecefc48db0a18a1cb6dacae | 2025-12-03
FileHash-SHA256 | 8fb52fa62541c16519520d305d5d4ec7ac3fe2e09156c1011a05ebc9dc05707e | SHA256 of 007b5cd6d6acf972f7743f79e23cab9bb2ecbee3 | 2025-12-03