← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Accessibility Features - CAPE Sandbox
WHITE msudosos 2026-05-31 Modified: 2026-05-31
281
IOCs
HIGH VOLUME
Malicious actors are increasingly weaponizing accessibility features—such as virtual screen readers, braille terminal emulators, and digital mobility assistance interfaces—as high-utility attack vectors. While these frameworks are legally mandated for vulnerable user populations, they inherently require deep operating system permissions, making them primary targets for exploitation. Malicious API Hooking & Keylogging: Attackers leverage UI Automation and Screen Reader APIs to bypass standard process isolation. By mimicking a legitimate vision-assistance tool, malware can intercept keystrokes, harvest active session credentials, and read sensitive on-screen data (vision prescription/medical records) directly from the application layer. Braille or virtual keyboard input pipeline, transparently altering the user's typed characters to change the semantic meaning of outbound communications or commands. research -tbc.
a domainsdatestatusmovedpassive dnscreation dateas44273 hostunitedas15169 googlegmt contentmetaunknowntitlebodyencryptserving ipaddressstatus codebody lengthkb bodysha256sameoriginxproxycacheinfonc000000 upgmt hostheaderpragmadate mongmt setcookiehttponly serverconnectiontruehealthmerits hqd7282f ogd7282fieedge ogvalue acnameb bodyserverregistrar abuseiana idcontact phonednssecdomain statusregistrar urlregistrar whoisregistrarpdf documentadobe portabledocument formatthumbprintalgorithmkey identifierv3 serialnumberissuercus cnletx3 oletsubject publickey infokey algorithm
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (48 / 281 total)
All FileHash-MD5 FileHash-SHA1 IPv4 URL domain hostname FileHash-SHA256 email Mutex
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA1 21fab69dcc961dd5293dba9c83b1e0675ffed0c0 2026-05-31
FileHash-SHA1 4662aff9fd59121ee64bb166d3d83fa27edca1ff 2026-05-31
FileHash-SHA1 9a44ff2f2e2b727eba16dc31e4fc4936429cecc7 2026-05-31
FileHash-SHA1 9fd33c2ef164d20d8ba1cf3ac69f7658761000cd 2026-05-31
FileHash-SHA1 014e9b4f91976d023b3bca00a51f0f484a6e879f 2026-05-31
FileHash-SHA1 07b6df95d9ac52adf2b02977e003be7de17708f6 2026-05-31
FileHash-SHA1 1908a6fc9704cc2fb35b9c57c6ad4008665ef157 2026-05-31
FileHash-SHA1 1968e9f61a3e1276544a8aa402f9736184714490 2026-05-31
FileHash-SHA1 19f4148e55e1f562a4447eaf9e4132950570907b 2026-05-31
FileHash-SHA1 1dca48e62cdb935f1df67ce5b1fef5bbe0f3d24a 2026-05-31
FileHash-SHA1 250ceab24edeafabe82095e700a2c0ad3f595486 2026-05-31
FileHash-SHA1 26eac600bf5261b40cadae4860df77f2b2721329 2026-05-31
FileHash-SHA1 27eecc608625d856a8cb8bb63fc7cf0a8a668375 2026-05-31
FileHash-SHA1 2e567615b2cc86ccbe0eb81ed3d8b9c65aea22d9 2026-05-31
FileHash-SHA1 2e8f27817ef6af9430d7a504100611d225f774ca 2026-05-31
FileHash-SHA1 36bdea839f1b4f6b0546e56dffcfd104a5fc661b 2026-05-31
FileHash-SHA1 3a50757c748a5fc0894ab062a2ab4e07f2cae5d5 2026-05-31
FileHash-SHA1 3c8ded155e6422c3477ee05313b0e4b65a5d26cd 2026-05-31
FileHash-SHA1 442bd698cb6a5eb1757c932d44bc2a53ec2a13ad 2026-05-31
FileHash-SHA1 458f4043d85dd0df4a8d03ba46cfbbe52fbe4237 2026-05-31
FileHash-SHA1 55f6cdf93acd3f38ac7c74ae02e004ac8f14cf23 2026-05-31
FileHash-SHA1 5980d83143b20af6e5702fa7c95c059106d05867 2026-05-31
FileHash-SHA1 5d586f129f047d75fbd7b99551bcc37af5efd0c9 2026-05-31
FileHash-SHA1 5f20fecede67874f3d08105ecbf5c3c07221f626 2026-05-31
FileHash-SHA1 796e311508b97cc504efa81d2498570af9931456 2026-05-31
FileHash-SHA1 7a5ec371e2228e4ea0a48496e0b2f57e7bd1f30a 2026-05-31
FileHash-SHA1 7cd452f63a06922baeb9ef1f59a1e577d92007b8 2026-05-31
FileHash-SHA1 7e8a1c9d237ce442d56d4e06ad26d5a7b5ef6519 2026-05-31
FileHash-SHA1 89aed9b9dfb1b3d69cefa7015ec98c00f42d8322 2026-05-31
FileHash-SHA1 89c870715e850f0ce4718aa18d42aff2a6c3477b 2026-05-31
FileHash-SHA1 89d7e957ade652a45cb2c75443f90ebd559304f9 2026-05-31
FileHash-SHA1 9deb0ac99c7c360a6a0354007efd68d35585150a 2026-05-31
FileHash-SHA1 ab96cdbb48b868aca3c2924809954421f49a7996 2026-05-31
FileHash-SHA1 ac5c80529002d3239798a37d66ca7213da7493c7 2026-05-31
FileHash-SHA1 b70ecdbd9a35a297a292d24e4baa676b2c5507e0 2026-05-31
FileHash-SHA1 b8c3562cabf7d50b284a98bda6a6ef164cbc9099 2026-05-31
FileHash-SHA1 badfa2092c545e8a013b829be899dbeb49423cb1 2026-05-31
FileHash-SHA1 c39090a5433a2e842bc9889cfef1acfb7b18fb82 2026-05-31
FileHash-SHA1 c809a0655e9502e5870378101c9281e85e653d68 2026-05-31
FileHash-SHA1 d2fa8f8997890cad50f4600e8fa9406d9dfe3e37 2026-05-31
FileHash-SHA1 d35432c41d563d0174baab91b90478dbe33d1434 2026-05-31
FileHash-SHA1 d39796139d4f007ee0b40b196d28fa70ce6b3c3b 2026-05-31
FileHash-SHA1 dd0f7f39a6551228bd09279f5b8e16db60e94a37 2026-05-31
FileHash-SHA1 e9c40dd6de9e9ed05fa0db16b3eecda7ff6177ae 2026-05-31
FileHash-SHA1 ee0b430495bd29626b33ece056c6d02f591243ae 2026-05-31
FileHash-SHA1 f7b38128ca21741967e48a2aa366f378aa92739f 2026-05-31
FileHash-SHA1 f95f162cd6e30184937c88b0e442ae75a3ef3e44 2026-05-31
FileHash-SHA1 fde13028fc7c16bcde67f2bc61129152c1863259 2026-05-31