← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
EtherRAT Targeting Windows Disguised as a Game Mod Installer
WHITE Tr1sa111 2026-01-22 Modified: 2026-02-20
26
IOCs
MEDIUM VOLUME
msiobfuscationethereum123 stealerwindowssmart contractc2 communicationtsundere botnetpersistencecve-2025-55182game modetherrat
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
EtherRAT Tsundere Botnet 123 Stealer
Indicators of Compromise (11 / 26 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 1f715a97657a547e9eb55878bb0b946c3a2d43b6d467ca60e816853d4d727828 2026-01-22
FileHash-SHA256 2de16fea5af78d5f1fdb8039efd7fb319d8e233cea8b4c20ea1f13ad380aea1d 2026-01-22
FileHash-SHA256 4508a26a0a42966606cd59c558284e28e9e06b4db89fe0f8b50fd9599f4f73f1 2026-01-22
FileHash-SHA256 606dd4d7b4f7755136f53ed442a1eebd1c36a671eaf91c494a1627788b64e819 2026-01-22
FileHash-SHA256 81c3d0efb9da0dd0cd7b06e1692053fdf5561b916cb2502ccc4c31f997c352f8 2026-01-22
FileHash-SHA256 926ee406adc542dc21a971d4112d958f91413222fd97d2ee0422ac0568a80aa9 2026-01-22
FileHash-SHA256 9383c992abecdab53cc798940d296c0f8a5c0efe5ee8161d7c71a2dd23e374e2 2026-01-22
FileHash-SHA256 98da27f6667782ac7e4b629cd8bc09b193635a109f8e521ea8e2fb7ce15c2ea1 2026-01-22
FileHash-SHA256 b8d9ef87b3a7a2cf2509317296baf127100a14838d03e1c158b0d5f17ec5b41b 2026-01-22
FileHash-SHA256 e38362aca79b16d588174e64a33cc688504c845d882624243fde90abd578bd7d 2026-01-22
FileHash-SHA256 e76867e7ec438165e2d629a0bfe2ae53f5320831cc1f8115b2a4f869f5240950 2026-01-22
References (1)
↗ https://www.enki.co.kr/en/media-center/blog/etherrat-targeting-windows-disguised-as-a-game-mod-installer