Pulse Detail — Threat Intelligence

PULSE NAME

CAPE Sandbox

WHITE msudosos 2026-03-30 Modified: 2026-04-29

150

IOCs

HIGH VOLUME

0a32d6abea15f3bfe2a74763ba6c4ef5 SHA1 d0a0ba4207f5432aad98b4a95b026000ed2cbd7c SHA256 ecbeaa13921dbad8028d29534c3878503f45a82a09cf27857fa4335bd1c9286d [VT] [MWDB] [Bazaar] SHA3-384 ef79fc72829f68826daed047da58341c5881407899b12a270156ddec9a5f6f9adf1837c00caac0f3361fb06efcf6540f CRC32 28718AD3 TLSH T14DA52212B6851CF9EC1791BDC3515A55EAB378820B31EEEF039481362F236E27E39B15 Ssdeep 49152:CXpR7NUIWY4kBvOlmNaxoVAiWAYt7zCEzlAt2auIZuJ5bg/:SVh4kwM6oVABVh3Iq8 Yara vmdetect - Possibly employs anti-virtualization techniques - Author: nex

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1003 T1005 T1012 T1027 T1036 T1057 T1070 T1071 T1082 T1106 T1548 T1552 T1555 T1564

Indicators of Compromise (150)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	0a32d6abea15f3bfe2a74763ba6c4ef5	—	2026-03-30
FileHash-MD5	134f3b5e9e661930a33b8b296cd6187c	—	2026-03-30
FileHash-MD5	138ec5156da29ef08932fcb5624dbe54	—	2026-03-30
FileHash-MD5	27eebb0f5ba818c80ab9ef7d94d6e3f3	—	2026-03-30
FileHash-MD5	2887ff98df6903e8c6eba9178527ca3c	—	2026-03-30
FileHash-MD5	349571bbd09721334988232b01142dae	—	2026-03-30
FileHash-MD5	836ac69b9de09bd2c40cbffe2922d5ee	—	2026-03-30
FileHash-MD5	8b4b29533f185ff5fdcc565db1d4b443	—	2026-03-30
FileHash-MD5	a182561a527f929489bf4b8f74f65cd7	—	2026-03-30
FileHash-MD5	b7c14ec6110fa820ca6b65f5aec85911	MD5 of 608eeb7488042453c9ca40f7e1398fc1a270f3f4	2026-03-30
FileHash-MD5	bf7dd260cb09f5bd94561eb81d2a4669	—	2026-03-30
FileHash-MD5	cacaf2c51fba1f182e246f2786cd4e67	—	2026-03-30
FileHash-MD5	ce1a5121a9a52582e540aef8846f888a	—	2026-03-30
FileHash-MD5	d444c807029c83b8a892ac0c4971f955	—	2026-03-30
FileHash-MD5	dfd4f60adc85fc874327517efed62ff7	—	2026-03-30
FileHash-MD5	edaaeb8771ee505ee5a8065d6cda7c9a	—	2026-03-30
FileHash-SHA1	08d74b8615e301246f5a1514035e287e90dc89b1	—	2026-03-30
FileHash-SHA1	2994aaf407c3b2b89bb3eed3131211865d1007ca	—	2026-03-30
FileHash-SHA1	358762cf4a3305db1456495234e8005be9dfa3e3	—	2026-03-30
FileHash-SHA1	3c8cf297ab96c73759fc10e4651ae07d4a36e7ad	—	2026-03-30
FileHash-SHA1	3ffb99da92aca62646c8dd82eb7e7484ef7fdaa8	—	2026-03-30
FileHash-SHA1	4c1f90344c170d8b3f14e63cd20e3d48dbd41580	—	2026-03-30
FileHash-SHA1	608eeb7488042453c9ca40f7e1398fc1a270f3f4	—	2026-03-30
FileHash-SHA1	8118af5cd0300f7277535d3c118bbc3ee8909a88	—	2026-03-30
FileHash-SHA1	8cd6866594759711ea1836e86a5b7ca64ee8911f	—	2026-03-30
FileHash-SHA1	90e47840235203580da7c0d364ee951b1658e25d	—	2026-03-30
FileHash-SHA1	d0a0ba4207f5432aad98b4a95b026000ed2cbd7c	—	2026-03-30
FileHash-SHA1	de1d598b53811eeae2d62464281050e2bf7fa244	—	2026-03-30
FileHash-SHA1	f97489afb75bfd5ee52892f37383fbc85aa14a69	—	2026-03-30
FileHash-SHA1	fa58ce7588513519dc8fed939b26b05dc25e53b5	—	2026-03-30
FileHash-SHA256	1a2c1870b383b4c4028a6af18eeef19b11e424cfb091c9097360890f62779ece	—	2026-03-30
FileHash-SHA256	2441e06dc39fec72645927a3e1b1ca350273b413547bd95d9a4342ee043f341e	—	2026-03-30
FileHash-SHA256	42aad7886965428a941508b776a666a4450eb658cb90e80fae1e7457fc71f914	—	2026-03-30
FileHash-SHA256	44a58ef6720200aa21db1395623c813f3640c484c40b09469fcb51a1571e7b09	—	2026-03-30
FileHash-SHA256	47e36fc95c285364f853797fbe647b2dadf8de0b773a81732c4ee5e42559e12c	—	2026-03-30
FileHash-SHA256	59dee47dbc7dcd9feee4845579ac9c6125f081aae5ee12c20cfd64e889de7fc1	—	2026-03-30
FileHash-SHA256	62a95e52fd45148626adfaf7326f67e39e28641f165bdf6f6e7ef5e4fbc1db39	—	2026-03-30
FileHash-SHA256	665df2e6f1586725e33da4c9fd6183cbf2381e638a4a1bf02d5f0cc94ea76c9a	—	2026-03-30
FileHash-SHA256	7694809c1efd786a3776ac16a196ddc548595671e75c8651f10c45317d7e5920	—	2026-03-30
FileHash-SHA256	8297a7698f19bb81539a18363db100c55e357fa73f773c2b883d2c4161f6a259	—	2026-03-30
FileHash-SHA256	c007da2e5fd780008f28336940b427c3bfd509c72a40bfb7759592149ff3606e	—	2026-03-30
FileHash-SHA256	c3f221069b119453a9e9a021300c81fc14ec011da432d4cba6458db17d9f4370	—	2026-03-30
FileHash-SHA256	c4884afa8041449d419860a3b10d6450ce14ebcc2a8ff29b87b63a29a1f46bd7	—	2026-03-30
FileHash-SHA256	ecbeaa13921dbad8028d29534c3878503f45a82a09cf27857fa4335bd1c9286d	—	2026-03-30
FileHash-SHA256	fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb	SHA256 of 608eeb7488042453c9ca40f7e1398fc1a270f3f4	2026-03-30
URL	http://app-metrics-cdn.com/api/listener/heartbeat	—	2026-03-30
URL	http://app-metrics-cdn.com/api/upload	—	2026-03-30
URL	http://app-metrics-cdn.com/api/upload-complete	—	2026-03-30
URL	http://app-metrics-cdn.com/api/upload-json	0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5	2026-03-30
domain	app-metrics-cdn.com	—	2026-03-30
hostname	api-msn-com.ax-0003.ax-msedge.net	—	2026-03-30
hostname	ax-0003.ax-msedge.net	—	2026-03-30
URL	http://131.107.255.255	—	2026-03-30
URL	http://disallowedcertstl.cab?4fb7a7102ad98859	—	2026-03-30
URL	http://disallowedcertstl.cab?c4e968a9e1b90865	—	2026-03-30
URL	http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?4fb7a7102ad98859	—	2026-03-30
URL	http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?c4e968a9e1b90865	—	2026-03-30
URL	http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/pinrulesstl.cab?ddd949e0023c430e	—	2026-03-30
URL	http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAsMayxGaRewR3PGR9SvwMg%3D	—	2026-03-30
URL	http://oneocsp.microsoft.com/ocsp/MFQwUjBQME4wTDAJBgUrDgMCGgUABBR0TBEVYklX7A9yLoLD9hqmCWDxFgQU3pGGSLehMVkx8UtfB6nciHnaqHYCEzMAAAAPMyBlN%2B5Crk8AAAAAAA8%3D	—	2026-03-30
URL	http://pinrulesstl.cab?ddd949e0023c430e	—	2026-03-30
domain	disallowedcertstl.cab	—	2026-03-30
domain	pinrulesstl.cab	—	2026-03-30
hostname	a-0003.a-msedge.net	—	2026-03-30
hostname	a767.dspw65.akamai.net	—	2026-03-30
hostname	api-msn-com-oneservice-world-default.trafficmanager.net	—	2026-03-30
hostname	api.msn.com	—	2026-03-30
hostname	atm-settingsfe-prod-geo2.trafficmanager.net	—	2026-03-30
hostname	cdn.onenote.net	—	2026-03-30
hostname	cdn.onenote.net.edgekey.net	—	2026-03-30
hostname	cdp1.digicert.com.akamaized.net	—	2026-03-30
hostname	cdp1.digicert.com.eip.akadns.net	—	2026-03-30
hostname	cdp1.digicert.com.splitter-eip.akadns.net	—	2026-03-30
hostname	ctldl.windowsupdate.com	—	2026-03-30
hostname	ctldl.windowsupdate.com.delivery.microsoft.com	—	2026-03-30
hostname	dns.msftncsi.com	—	2026-03-30
hostname	download.windowsupdate.com.edgesuite.net	—	2026-03-30
hostname	e1553.dspg.akamaiedge.net	—	2026-03-30
hostname	e16604.dscf.akamaiedge.net	—	2026-03-30
hostname	eip-terr-na.cdp1.digicert.com.akahost.net	—	2026-03-30
hostname	fe3.delivery.mp.microsoft.com	—	2026-03-30
hostname	fe3cr.delivery.mp.microsoft.com	—	2026-03-30
hostname	fs-wildcard.microsoft.com.edgekey.net	—	2026-03-30
hostname	fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net	—	2026-03-30
hostname	fs.microsoft.com	—	2026-03-30
hostname	glb.cws.prod.dcat.dsp.trafficmanager.net	—	2026-03-30
hostname	glb.sls.prod.dcat.dsp.trafficmanager.net	—	2026-03-30
hostname	ocsp.digicert.com	—	2026-03-30
hostname	ocsp.edge.digicert.com	—	2026-03-30
hostname	oneocsp-microsoft-com.a-0003.a-msedge.net	—	2026-03-30
hostname	oneocsp.microsoft.com	—	2026-03-30
hostname	prod.fs.microsoft.com.akadns.net	—	2026-03-30
hostname	settings-prod-wus2-2.westus2.cloudapp.azure.com	—	2026-03-30
hostname	settings-win.data.microsoft.com	—	2026-03-30
hostname	sls.update.microsoft.com	—	2026-03-30
hostname	slscr.update.microsoft.com	—	2026-03-30
hostname	time.windows.com	—	2026-03-30
hostname	twc.trafficmanager.net	—	2026-03-30
hostname	wu-b-net.trafficmanager.net	—	2026-03-30
domain	lcmapstringw.com	—	2026-03-30
URL	http://www.learn.microsoft.com/en-us/search/?terms=LCMapStringW.com	—	2026-03-30
hostname	www.learn.microsoft.com	—	2026-03-30
domain	lcmapstringw.com	—	2026-03-30
URL	http://www.learn.microsoft.com/en-us/search/?terms=LCMapStringW.com	—	2026-03-30
hostname	www.learn.microsoft.com	—	2026-03-30
FileHash-SHA1	8c7da50ad95ba815e3b51360c07f279037e73a7b	—	2026-03-30
FileHash-SHA256	b76c856cbcd8303a902c5794d396b8ac84335ac29f09fe0422d6b40e750110d0	—	2026-03-30
domain	index.md	—	2026-03-30
URL	https://github.com/MicrosoftDocs/DocsRoot/blob/8c7da50ad95ba815e3b51360c07f279037e73a7b/DocsCoreContent/Search/index.md	—	2026-03-30
URL	https://github.com/MicrosoftDocs/DocsRoot/blob/live/DocsCoreContent/Search/index.md	—	2026-03-30
URL	https://learn.microsoft.com/en-us/media/open-graph-image.png	—	2026-03-30
URL	https://learn.microsoft.com/en-us/search/	—	2026-03-30
URL	https://learn.microsoft.com/en-us/search/?accept=text/markdown	—	2026-03-30
hostname	learn.microsoft.com	—	2026-03-30
FileHash-SHA1	8c7da50ad95ba815e3b51360c07f279037e73a7b	—	2026-03-30
FileHash-SHA256	b76c856cbcd8303a902c5794d396b8ac84335ac29f09fe0422d6b40e750110d0	—	2026-03-30
domain	index.md	—	2026-03-30
URL	https://github.com/MicrosoftDocs/DocsRoot/blob/8c7da50ad95ba815e3b51360c07f279037e73a7b/DocsCoreContent/Search/index.md	—	2026-03-30
URL	https://github.com/MicrosoftDocs/DocsRoot/blob/live/DocsCoreContent/Search/index.md	—	2026-03-30
URL	https://learn.microsoft.com/en-us/media/open-graph-image.png	—	2026-03-30
URL	https://learn.microsoft.com/en-us/search/	—	2026-03-30
URL	https://learn.microsoft.com/en-us/search/?accept=text/markdown	—	2026-03-30
hostname	learn.microsoft.com	—	2026-03-30
FileHash-SHA1	8c7da50ad95ba815e3b51360c07f279037e73a7b	—	2026-03-30
FileHash-SHA256	b76c856cbcd8303a902c5794d396b8ac84335ac29f09fe0422d6b40e750110d0	—	2026-03-30
domain	index.md	—	2026-03-30
URL	https://github.com/MicrosoftDocs/DocsRoot/blob/8c7da50ad95ba815e3b51360c07f279037e73a7b/DocsCoreContent/Search/index.md	—	2026-03-30
URL	https://github.com/MicrosoftDocs/DocsRoot/blob/live/DocsCoreContent/Search/index.md	—	2026-03-30
URL	https://learn.microsoft.com/en-us/media/open-graph-image.png	—	2026-03-30
URL	https://learn.microsoft.com/en-us/search/	—	2026-03-30
URL	https://learn.microsoft.com/en-us/search/?accept=text/markdown	—	2026-03-30
hostname	learn.microsoft.com	—	2026-03-30
FileHash-SHA1	846dcc7c3c3d28501a9072f8d2ea01f97b67fedc	—	2026-03-30
FileHash-SHA1	8c7da50ad95ba815e3b51360c07f279037e73a7b	—	2026-03-30
FileHash-SHA256	5084dcad895a64adabc12cb39f076063a6fd845f789e427197dcbaa239490555	—	2026-03-30
FileHash-SHA256	52711b43c6bffe201ec8d0fe6a5733b7f35f84785e174a5214dcfdc7670327b2	—	2026-03-30
FileHash-SHA256	65db4e8e67939f3fca140f2719e7efa50872aa6ca35a97b380e9142468b7f2e3	—	2026-03-30
FileHash-SHA256	f3abb0cc802f3d7b95fc8762b94bdcb13bf39634c40c357301c4aa1d67a256fb	—	2026-03-30
domain	index.md	—	2026-03-30
URL	https://api.github.com/_private/browser/errors	—	2026-03-30
URL	https://api.github.com/_private/browser/stats	—	2026-03-30
URL	https://collector.github.com/github/collect	—	2026-03-30
URL	https://github.com	—	2026-03-30
URL	https://github.com/MicrosoftDocs/DocsRoot/blob/8c7da50ad95ba815e3b51360c07f279037e73a7b/DocsCoreContent/Search/index.md	—	2026-03-30
URL	https://github.githubassets.com/assets/github-logo-55c5b9a1fe52.png	—	2026-03-30
URL	https://github.githubassets.com/assets/github-mark-57519b92ca4e.png	—	2026-03-30
URL	https://github.githubassets.com/assets/github-octocat-13c86b8b336d.png	—	2026-03-30
hostname	api.github.com	—	2026-03-30
hostname	collector.github.com	—	2026-03-30
hostname	github.githubassets.com	—	2026-03-30