← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Security brief: tax scams aim to steal funds from taxpayers
WHITE Tr1sa111 2026-03-31 Modified: 2026-04-29
18
IOCs
MEDIUM VOLUME
tax scamsbecvalleyratwinos4.0social engineeringphishingirs impersonationrmmcredential theft
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Winos4.0 ValleyRAT
Indicators of Compromise (18)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 04e20b06dad0a6b69527a6efea668a31 2026-03-31
FileHash-MD5 ab11a32f0d617e50eb0c710d63128f79 2026-03-31
FileHash-SHA1 5fa97aaf219b223159f9487b296bb916f073e4a0 2026-03-31
FileHash-SHA1 7ba88ef7b2dce865d2bc4e95e982bf68dfff1ea4 2026-03-31
FileHash-SHA256 844202972ff19afa760447fc87963de0fbbc0ebc69d50164f03ecf5d4e67952f 2026-03-31
FileHash-SHA256 d338a7f85737cac1a7b4b5a1cca94e33d0aa8260548667c6733225d4c20cb848 2026-03-31
URL https://www.upsystems.one/Alex.exe 2026-03-31
domain akcjdrya.com 2026-03-31
domain bksgcefzqyb.com 2026-03-31
domain buwxkiy.com 2026-03-31
domain eodrggi.com 2026-03-31
domain gyglowcq.com 2026-03-31
domain iuzndfqr.com 2026-03-31
domain nirbsff.com 2026-03-31
domain rmwztbrr.com 2026-03-31
domain whghfpytehu.com 2026-03-31
domain wijgzsfh.com 2026-03-31
hostname www.upsystems.one 2026-03-31
References (1)
↗ https://www.proofpoint.com/us/blog/threat-insight/security-brief-tax-scams-aim-steal-funds-taxpayers