← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
IOC - From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities
Microsoft Defender Experts identified an active cryptojacking campaign in which malicious download sites are surfaced not only through traditional search engine poisoning, but also through AI chatbot interactions. This emerging delivery technique extends social engineering beyond conventional search results and increases the visibility of malicious software recommendations.
Indicators of Compromise (39)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-MD5 | 10ad138b736d4e193ea69c1b8d67ee58 | MD5 of db2d33c4e6e4a5c2263b56e8303c343305a94dde1fc2968304ba260acbbd9f9f | 2026-05-28 | |
| FileHash-MD5 | 2e452c60147ab699f596e92fdbc24279 | MD5 of 062bb28765fbaa11f8cc341fa16e2c7f942a122d929cb41f4a0f755b4429f246 | 2026-05-28 | |
| FileHash-MD5 | 4125681f9276487f4318c7ce9c8b6786 | MD5 of 2ee93ccbcd49ed94c65dcf52e7dcb8f0fa0a443ca24c0e0c7f79152efba657b7 | 2026-05-28 | |
| FileHash-MD5 | 512b49f441765698c679b5da5f0cc868 | MD5 of c7425fbe6c3a4937934215c54027d4b67202d12ab490682fae03498870d66d06 | 2026-05-28 | |
| FileHash-MD5 | 56b75638beabd690f38de434f7efd623 | MD5 of 9ff07c9fafa9c03fdf69e4abf6806aa7c938b5480e7e258f227db0719ecd6386 | 2026-05-28 | |
| FileHash-MD5 | 661d4551df34661f3ffc565e2f4ecdbc | MD5 of 1b2555b09ac62164638f47c8272beb6b0f97186e37d3a54cb84c723ff7a2eee5 | 2026-05-28 | |
| FileHash-MD5 | 6ca9a835ce59c11c03f0b22c681aab46 | MD5 of a460d00ef93c8ce70d32e48e55781af66a53328fc2dde45519be196c265de074 | 2026-05-28 | |
| FileHash-MD5 | 9bfbf2a722983e831e1893a8a548db2f | MD5 of 16562974deec80e41ef57a71a6de8c03ceb393005fb1432f8d9d82c61294ef8c | 2026-05-28 | |
| FileHash-MD5 | c5c507895c6f01c558974812753ac89a | MD5 of cf3f8160eb5a5580e0c35054847e3ac4d01e9fe74fab8bc12bf6e8a40bf696b2 | 2026-05-28 | |
| FileHash-MD5 | d58ce78503c60c19926ed642f0eb9d53 | MD5 of 7035c2abeb617e828dfda1b119b8544fa9ae15a1d263d18bc5506acaf381f496 | 2026-05-28 | |
| FileHash-MD5 | e1dbc88ccd3da4337bdc2a2cf1acd25c | MD5 of 69077fcf940fc5852fb32beed15636756ebc04ac971b7ed71d36251e7ea70a20 | 2026-05-28 | |
| FileHash-SHA1 | 017830597704acd90fb171f3025bc6f28745da57 | SHA1 of 1b2555b09ac62164638f47c8272beb6b0f97186e37d3a54cb84c723ff7a2eee5 | 2026-05-28 | |
| FileHash-SHA1 | 49d437381b2892a8c33e99392ee5d939c09e1c4f | SHA1 of a460d00ef93c8ce70d32e48e55781af66a53328fc2dde45519be196c265de074 | 2026-05-28 | |
| FileHash-SHA1 | 4c2c8b00b2fe2aaa51dd224281e3909740c8bbe7 | SHA1 of 062bb28765fbaa11f8cc341fa16e2c7f942a122d929cb41f4a0f755b4429f246 | 2026-05-28 | |
| FileHash-SHA1 | 62d5e9ed6c1444469e4b89f3ca6c2047a5e8eb98 | SHA1 of 9ff07c9fafa9c03fdf69e4abf6806aa7c938b5480e7e258f227db0719ecd6386 | 2026-05-28 | |
| FileHash-SHA1 | ab44396e57b544984292622c744a2b607ef74e66 | SHA1 of db2d33c4e6e4a5c2263b56e8303c343305a94dde1fc2968304ba260acbbd9f9f | 2026-05-28 | |
| FileHash-SHA1 | bbeaac7ef00268bd5cc583e26624e760085581dc | SHA1 of 2ee93ccbcd49ed94c65dcf52e7dcb8f0fa0a443ca24c0e0c7f79152efba657b7 | 2026-05-28 | |
| FileHash-SHA1 | c27a1688fa5a4ec9497da0fc9bd88c8b362234c5 | SHA1 of c7425fbe6c3a4937934215c54027d4b67202d12ab490682fae03498870d66d06 | 2026-05-28 | |
| FileHash-SHA1 | d134ebf3501bbb4eeeca49c325f7fb85aaaacf3f | SHA1 of 16562974deec80e41ef57a71a6de8c03ceb393005fb1432f8d9d82c61294ef8c | 2026-05-28 | |
| FileHash-SHA1 | d7c18ebd1063e4b5ab4468d0d76be50e7778cc98 | SHA1 of 69077fcf940fc5852fb32beed15636756ebc04ac971b7ed71d36251e7ea70a20 | 2026-05-28 | |
| FileHash-SHA1 | f68593663b485682eea2a96b27b9701aa529ccd2 | SHA1 of cf3f8160eb5a5580e0c35054847e3ac4d01e9fe74fab8bc12bf6e8a40bf696b2 | 2026-05-28 | |
| FileHash-SHA1 | f9ea4f4b636614226579ac6cbfc8abe21539a8da | SHA1 of 7035c2abeb617e828dfda1b119b8544fa9ae15a1d263d18bc5506acaf381f496 | 2026-05-28 | |
| FileHash-SHA256 | 062bb28765fbaa11f8cc341fa16e2c7f942a122d929cb41f4a0f755b4429f246 | — | 2026-05-28 | |
| FileHash-SHA256 | 16562974deec80e41ef57a71a6de8c03ceb393005fb1432f8d9d82c61294ef8c | — | 2026-05-28 | |
| FileHash-SHA256 | 1b2555b09ac62164638f47c8272beb6b0f97186e37d3a54cb84c723ff7a2eee5 | — | 2026-05-28 | |
| FileHash-SHA256 | 2ee93ccbcd49ed94c65dcf52e7dcb8f0fa0a443ca24c0e0c7f79152efba657b7 | — | 2026-05-28 | |
| FileHash-SHA256 | 69077fcf940fc5852fb32beed15636756ebc04ac971b7ed71d36251e7ea70a20 | — | 2026-05-28 | |
| FileHash-SHA256 | 7035c2abeb617e828dfda1b119b8544fa9ae15a1d263d18bc5506acaf381f496 | — | 2026-05-28 | |
| FileHash-SHA256 | 9ff07c9fafa9c03fdf69e4abf6806aa7c938b5480e7e258f227db0719ecd6386 | — | 2026-05-28 | |
| FileHash-SHA256 | a460d00ef93c8ce70d32e48e55781af66a53328fc2dde45519be196c265de074 | — | 2026-05-28 | |
| FileHash-SHA256 | c7425fbe6c3a4937934215c54027d4b67202d12ab490682fae03498870d66d06 | — | 2026-05-28 | |
| FileHash-SHA256 | cf3f8160eb5a5580e0c35054847e3ac4d01e9fe74fab8bc12bf6e8a40bf696b2 | — | 2026-05-28 | |
| FileHash-SHA256 | db2d33c4e6e4a5c2263b56e8303c343305a94dde1fc2968304ba260acbbd9f9f | — | 2026-05-28 | |
| FileHash-SHA256 | e021662a652ba95c8778b991056696ab3c9b0f60d5e23b1e6cf73c3847db6610 | — | 2026-05-28 | |
| IPv4 | 193.42.11.108 | CC=DE ASN=AS58212 php-friends gmbh | 2026-05-28 | |
| domain | directdownload.icu | — | 2026-05-28 | |
| hostname | direct-download.gleeze.com | — | 2026-05-28 | |
| hostname | minemine.gleeze.com | — | 2026-05-28 | |
| hostname | start-download.gleeze.com | — | 2026-05-28 |