← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Infected Hosts - MagicSword Analytics - Alerts Merged 03.06.26
Analytics from 2 infected hosts from MagicSword
Hosts are both psuedo clones (?) of a production device that connects to AHS/Covenant Health, UAlberta, Government of Alberta daily. FFSS
******https://tria.ge/260306-2134tsfs3n <- Analytic Files & a few problem Files & 'secret files' only found in Triage VM. Did not include in pulse -> 9/10 *****************
MITRE ATT&CK & Malware Families
Indicators of Compromise (2 / 815 total)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-MD5 | deceed27caf39c2e81f6ccf82dc32efc | MD5 of aeb9b61e47d91c42fff213992b7810a3d562fb12 | 2026-03-06 | |
| FileHash-MD5 | fd2a63b8cbdcc20fd2c55e790cb563b1 | MD5 of ab94c66e893012ca56de0fe8fb4deb40ea8f6da6763ee7831cc083edec50bb69 | 2026-03-06 |
References (10)
↗ https://www.filescan.io/uploads/69ab467397feb4afd670f9d7/reports/1a4169f3-4b2d-4442-9d52-914c643954bc/overview
↗ https://app.threat.zone/submission/ceae3b93-a33f-401b-8a54-a951b524adf4/overview
↗ https://www.filescan.io/uploads/69ab48ab9eaae8465944a7a7/reports/0b631689-e054-441a-8302-0c1c9c9d4783/overview
↗ https://app.threat.zone/submission/f5353cb5-7f63-4462-a4c5-96fc9e9de8fe/overview
↗ https://www.filescan.io/uploads/69ab4a18cd25bfe1dfe2ef6f/reports/59c49be5-98f1-4055-a49b-e5a9ce532f15/overview
↗ https://app.threat.zone/submission/1a95a88b-069d-4ca0-94be-46798f0156cf/overview
↗ https://www.filescan.io/uploads/69ab4c8697feb4afd671070f/reports/1c10bb12-152b-47b0-9d50-0d37fd946a77/overview
↗ http://hybrid-analysis.com/file-collection/69ab53ada78313258c0cd3b1
↗ Polyswarm
↗ ******https://tria.ge/260306-2134tsfs3n <- Analytic Files & a few problem Files & 'secret files' only found in Triage VM. Did not include in pulse -> 9/10