← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
"don't save her" a continued message * CAPE Sandbox
WHITE msudosos 2026-05-22 Modified: 2026-05-22
669
IOCs
HIGH VOLUME
[sample of the Pigeonhole Sieve malware has been found in the X-Sieve R system, designed to detect and prevent the spread of malicious software, which is currently being used by Microsoft Office.] -pretext
tablepostfixeesttbodyspandeliveredtobayesspamfromeqenvfromfromhasdnipreputationdatetitlefile typeascii textcrlf linesigmamitre attacknetwork infodropped infouse shortname pathwindows folderdefense evasionnextwednesdayjanuaryextra infoattack networkinfo droppedgeospatial endpoints
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (5 / 669 total)
All IPv4 CIDR FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain email hostname
TYPEINDICATORDESCRIPTIONCREATED
domain dvtec2.com.ua 2026-05-22
domain disallowedcertstl.cab 2026-05-22
domain ipfs.io 2026-05-22
domain pinrulesstl.cab 2026-05-22
domain cortana.ai 2026-05-22
References (3)
↗ https://vtbehaviour.commondatastorage.googleapis.com/0005c1a0f0dd0df76abbabf5f3f9303e46639dc29181b907388cf95a919bfdc5_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1779435695&Signature=UoqeOvA3l0SmZPLGLkJ4n7oue%2FoXBTcyhLy5g1zr97R1z9EBf2vAXrsnA8mHkedBOo0cd7lQhlV4QLek1AiAP4Z%2F9XgN%2FgaAo3L%2FP0tI1NFNb5lJ9mZ4YQ5aVcF1jYBD4bluT9%2BjUQaRIkFHR4w4OIpWVuJOGdkbT7UxU%2BgyPR3o2Ij%2Fli0GfJO%2B%2B2KMpTnBE0mWDM%2BrEThJKW2Ty5flTxONg4m7toLl7%2BspvX1Q ↗ https://vtbehaviour.commondatastorage.googleapis.com/0005c1a0f0dd0df76abbabf5f3f9303e46639dc29181b907388cf95a919bfdc5_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1779435775&Signature=AkieU7eRCNrzND0lejy10HFR7OdRvNqyswrKIdggTIg6w4naejOYYwut39HnOup0%2BqQcIl4AJ6iCv7BrJuqNoIe3WuL3S3c9To36FuiNd2aOBRNZcN9gHBz7GSvTlAnmNNOt9OIZbdryCE4RnMJA4q7aOGLAd3dJzbXxC1sLLrpBBY0wTeb7cvNcLLEuJzsk9AQw8m9nZ%2BMfQJB8hWxaWNXySZkIl%2Fkufg7NdeYBFT4YXsi2gxWg0UruP%2FFYE8 ↗ https://vtbehaviour.commondatastorage.googleapis.com/0002412eddb6f812afb3e131d7e801536cb4ff8a410a6d6c6bc559fdb3546116_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1779436484&Signature=Pr1pfaimFPZRbQFRLBhpICwKcQGlnx4U5y%2FQZiFEs%2BMGp9zOdmylpsondhJ%2FoJg6NIwY9%2Bk2v9SRh8rgNd2aefaWARh%2ByYvcCFEELbz7cf%2F2f128%2FN%2BsNKOuiRC2JFyN37Wq2hSLt9NYUERhB0THMCMQtw1axrtOHh9CLz3YZ%2BdO7E%2B3g1aOrD3sDAwOgmWR9n9pk%2Fj55fIyJqPDU80OB1RXmaU4XNnEIBA69dpnuj57WGWd