Pulse Detail — Threat Intelligence

PULSE NAME

VirusTotal report for program.exe

WHITE msudosos 2026-03-08 Modified: 2026-04-07

119

IOCs

HIGH VOLUME

<Hundreds of thousands of people have signed a petition calling for an end to the use of the word "sex" in the wake of an attack by a gunman in New York, which killed four people>. <<---- here prior msudosos notes: wT****** Hueristic SMEAR

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1010 T1016 T1018 T1027 T1036 T1055 T1070 T1071 T1082 T1083 T1095 T1105 T1218 T1497 T1518 T1547 T1571 T1573 T1574

Indicators of Compromise (119)

All FileHash-SHA256 FileHash-MD5 FileHash-SHA1 URL domain hostname CVE

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-SHA256	023ce744b46f2169c8e7b8fddca608bb833fd61c1410139e5c5b45d88841b1f9	—	2026-03-08
FileHash-MD5	57c8edb95df3f0ad4ee2dc2b8cfd4157	—	2026-03-08
FileHash-MD5	6ac0169b8270e928db03fcc46fdba756	—	2026-03-08
FileHash-MD5	b405127fa8aa9a93a71a22bae473eac5	—	2026-03-08
FileHash-SHA1	771b68e4f75a719044eb2c0edcab3fee8e264829	—	2026-03-08
FileHash-SHA256	00d85534d545eb96d90815691684070105d1e26295196cf9c702f46613e7192c	—	2026-03-08
FileHash-SHA256	039fb4a1fc7fb576edd369e078a2bd237dfa55932a7ed5ab9a116b82885478b8	—	2026-03-08
FileHash-SHA256	12264670242948b129acc4d9cd80cdf83fac88e662c09a57ce5ac6b39510618d	—	2026-03-08
FileHash-SHA256	31f950d8bc25818695d0a170bd68d37549627fa7c9539127469193af7dc144ee	—	2026-03-08
FileHash-SHA256	57762ff1c7a1b36d8c4fb02f763119bac70e71256552489ae9e0c8279ffb9224	—	2026-03-08
FileHash-SHA256	750a8fa8f3c45870380cdb31b4ee08cd5b4ddcf1f6bc7846e72118e6bcc1953e	—	2026-03-08
FileHash-SHA256	c2c57e8f55274e7f8b22665c05078cddec5b8f31d939d35d8becd9be47453a57	—	2026-03-08
FileHash-SHA256	c8f11d97f81f663a2754e922c508292a1f2d27d74713b47747feb57141d8045c	—	2026-03-08
FileHash-SHA256	cd512f1871c27a6c98072118e9aaee0b88a03e5e14083463c18421f663993b20	—	2026-03-08
FileHash-SHA256	eac1309afd4aed1a9ec46a8ab930b2f82cad119bff01dbe72361207143dd749b	—	2026-03-08
FileHash-SHA256	fa64477231693dc1bfed276953cc785bb7e0c1686008e646219412a1f487ab3a	—	2026-03-08
URL	http://107.163.241.202:12354/show.php	—	2026-03-08
URL	http://107.163.241.202:12354/show.php%	—	2026-03-08
URL	http://107.163.241.202:12354/show.php/	—	2026-03-08
URL	http://107.163.241.202:12354/show.php0	—	2026-03-08
URL	http://107.163.241.202:12354/show.php5uhTe	—	2026-03-08
URL	http://107.163.241.202:12354/show.php7	—	2026-03-08
URL	http://107.163.241.202:12354/show.php9	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpAu	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpE	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpIi	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpNj	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpO	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpSu	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpTj	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpVisualizations	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpX	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpandaloneUpdater	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpcrosoft	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpd3uRTe	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpdaterService	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpek	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpeu	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpft.NETCore.App	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpg	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpi	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpindows	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpion	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpk_	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpmj9T	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpoft	—	2026-03-08
URL	http://107.163.241.202:12354/show.phps	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpu	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpue	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpules	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpw	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpwu	—	2026-03-08
URL	http://107.163.241.202:12354/show.phpy	—	2026-03-08
URL	http://crl.digicert-cn.com/DigiCertGlobalRootCA.crl	—	2026-03-08
URL	http://crl.digicert-cn.com/DigiCertGlobalRootCA.crl0	—	2026-03-08
URL	http://crl.digicert-cn.com/DigiCertGlobalRootCA.crlT	—	2026-03-08
URL	http://crl.digicert-cn.com/DigiCertGlobalRootCA.crlX	—	2026-03-08
URL	http://crl.digicert-cn.com/DigiCertGlobalRootCA.crlt	—	2026-03-08
URL	http://crl.digicert-cn.com/GeoTrustCNRSACAG1.crt0	55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0	2026-03-08
URL	http://crl.digicert-cn.com/R	—	2026-03-08
URL	http://crl.digicert-cn.com:80/DigiCertGlobalRootCA.crlft	—	2026-03-08
URL	http://ocsp.dcocsp.cn	bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128	2026-03-08
URL	http://ocsp.dcocsp.cn/	10433a2437f8fcd1a99330ea1c30fa53ee69b926c66a8b7f9c95cc714d5aea5c	2026-03-08
URL	http://ocsp.dcocsp.cn/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPi	—	2026-03-08
URL	http://ocsp.dcocsp.cn/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAoEcNCWvIoSyJCm34Ju7Es%3D	—	2026-03-08
URL	http://ocsp.dcocsp.cn/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSmVYFXwi%2FRq9wx3PKhB8lC%2FFYUyAQUkZ9eMRWuEJ%2Bt	—	2026-03-08
URL	http://ocsp.dcocsp.cn/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSmVYFXwi%2FRq9wx3PKhB8lC%2FFYUyAQUkZ9eMRWuEJ%2BtYMH3wcyqSDQvDCYCEAIOqXl9FbYlUMFGsBA%2F8Hc%3D	—	2026-03-08
URL	http://ocsp.dcocsp.cn/d	—	2026-03-08
URL	http://ocsp.dcocsp.cn:80/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8	—	2026-03-08
URL	http://ocsp.dcocsp.cn:80/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSmVYFXwi%2FRq9wx3PKhB8lC%2FFYUyAQUkZ9eMRWuEJ%	—	2026-03-08
domain	krnaver.com	—	2026-03-08
hostname	crl.digicert-cn.com	—	2026-03-08
hostname	ln-0007.ln-msedge.net	—	2026-03-08
hostname	ocsp.dcocsp.cn	—	2026-03-08
URL	http://blog.sina.com.cn/u/5655029807	—	2026-03-08
URL	http://blog.sina.com.cn/u/5655029807%	—	2026-03-08
URL	http://blog.sina.com.cn/u/5655029807.	—	2026-03-08
URL	http://blog.sina.com.cn/u/5655029807/	—	2026-03-08
URL	http://blog.sina.com.cn/u/56550298070	—	2026-03-08
URL	http://blog.sina.com.cn/u/56550298073uRTe	—	2026-03-08
URL	http://blog.sina.com.cn/u/56550298077	—	2026-03-08
URL	http://blog.sina.com.cn/u/5655029807:	—	2026-03-08
URL	http://blog.sina.com.cn/u/5655029807X	—	2026-03-08
URL	http://blog.sina.com.cn/u/5655029807cu	—	2026-03-08
URL	http://blog.sina.com.cn/u/5655029807d	—	2026-03-08
URL	http://blog.sina.com.cn/u/5655029807f	—	2026-03-08
URL	http://blog.sina.com.cn/u/5655029807g	—	2026-03-08
URL	http://blog.sina.com.cn/u/5655029807i	—	2026-03-08
URL	http://blog.sina.com.cn/u/5655029807icrosoft	—	2026-03-08
URL	http://blog.sina.com.cn/u/5655029807ion	—	2026-03-08
URL	http://blog.sina.com.cn/u/5655029807ou	—	2026-03-08
URL	http://blog.sina.com.cn/u/5655029807rs	—	2026-03-08
URL	http://blog.sina.com.cn/u/5655029807ue	—	2026-03-08
URL	http://blog.sina.com.cn/u/5655029807y	—	2026-03-08
URL	https://blog.sina.com.cn/8	—	2026-03-08
URL	https://blog.sina.com.cn/All	—	2026-03-08
URL	https://blog.sina.com.cn/Office	—	2026-03-08
URL	https://blog.sina.com.cn/ce	—	2026-03-08
URL	https://blog.sina.com.cn/crosoft	—	2026-03-08
URL	https://blog.sina.com.cn/krnaver.com	—	2026-03-08
URL	https://blog.sina.com.cn/les	—	2026-03-08
URL	https://blog.sina.com.cn/nts	—	2026-03-08
URL	https://blog.sina.com.cn/u/5655029807	—	2026-03-08
URL	https://blog.sina.com.cn/u/5655029807/	—	2026-03-08
URL	https://blog.sina.com.cn/u/5655029807Ku	—	2026-03-08
URL	https://blog.sina.com.cn/u/5655029807Uu	—	2026-03-08
URL	https://blog.sina.com.cn/u/5655029807_u	—	2026-03-08
URL	https://blog.sina.com.cn/u/5655029807er	—	2026-03-08
URL	https://blog.sina.com.cn/ws	—	2026-03-08
domain	dns.google	—	2026-03-08
hostname	bg.microsoft.map.fastly.net	—	2026-03-08
hostname	blog.sina.com.cn	—	2026-03-08
hostname	blogx.sina.com.cn	—	2026-03-08
hostname	cl-glcb907925.gcdn.co	—	2026-03-08
hostname	crl3.digicert.com	—	2026-03-08
hostname	e3913.cd.akamaiedge.net	—	2026-03-08
hostname	ocsp.dcocsp.cn.w.kunlunar.com	—	2026-03-08
hostname	show.phpft.netcore.app	—	2026-03-08
CVE	CVE-2026-20700	A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report.	2026-03-08