Pulse Detail — Threat Intelligence

PULSE NAME

IOC - GREYVIBE: A Russia-nexus group leveraging AI across state-aligned operations

WHITE celestre 2026-06-02 Modified: 2026-06-02

178

IOCs

HIGH VOLUME

GREYVIBE has used several delivery approaches. We grouped GREYVIBE’s observed activity into a set of distinct campaigns linked by shared malware, infrastructure, and operational behaviours. Across these campaigns, the group has consistently used appropriate lures for deception and implemented a decoy-and-payload execution logic to reinforce the credibility of the lure while covertly gaining access to the victim’s machine.

Indicators of Compromise (17 / 178 total)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 IPv4 URL domain hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	11b47e3a02edac898638b1906774210d	—	2026-06-02
FileHash-MD5	1282a7a5833dfa560457c8a638a3249c	MD5 of 93111e523c38d98247a78a0d1d9ae163e9874acb70721f6fe0bf451c62fff283	2026-06-02
FileHash-MD5	31a187835006421c1287918014b671aa	MD5 of c716dabe228f89e58835d2c93dbaa5719dc77f62c9e84f3e3d54ef82ded621e1	2026-06-02
FileHash-MD5	412196c2f6850998f9681341711aa863	MD5 of e8d0943042e34a37ae8d79aeb4f9a2fa07b4a37955af2b0cc0e232b79c2e72f3	2026-06-02
FileHash-MD5	67bc37d94b09c7a59d4fd7e224c6c5bc	MD5 of c823a315c2c78d2fd345c9b38bb7fc31a8cbff96c534ce9cc66c4e54bc7935a2	2026-06-02
FileHash-MD5	77f27ffccd75fc39ea003cbde32c624b	MD5 of bcb9e99021f88b9720a667d737a3ddd7d5b9f963ac3cae6d26e74701e406dcdc	2026-06-02
FileHash-MD5	79079afa75880100a942d13fe4068a98	MD5 of 7db11cf6a0417d5e20cd6720687ba86045b2fb758a7b585a49f572df2dc40c5e	2026-06-02
FileHash-MD5	842d96f208b567e58c5656017fb67df6	MD5 of 07d9deaace25d90fc91b31849dfc12b2fc3ac5ca90e317cfa165fe1d3553eead	2026-06-02
FileHash-MD5	9fc82b8881add8b216465a8ad0a571ed	MD5 of b0c07b265c9d9046038ffa48d5b8e17b8ba0791503beba85196cdbe0ac2fcb27	2026-06-02
FileHash-MD5	a680f027bcd9069544338fdab6f09210	MD5 of 40f9399ea067d69c0985aecdc54beddbcb585d7f660606e5bb4be981811c28ba	2026-06-02
FileHash-MD5	b07df2ae78be6085bdce1206edaaecd6	MD5 of 48a371a3973983a9bdb395cb33d6fce68d75b41d4bfd86d3f923cff79b545efc	2026-06-02
FileHash-MD5	b9be544b776d6bed422b2691272ae785	MD5 of 2abb318455960b446d034967c8403ec4339ba248b946f02cb1307ed7e6f4e327	2026-06-02
FileHash-MD5	bc94232f50e19965cb3f1bc1fc5e8f9d	MD5 of 476334f9254ef0277b3462b6086655f38358a983b95991cfe4dcdd787740906a	2026-06-02
FileHash-MD5	d40111f212eabc073a17006777a98633	MD5 of e9634032df81334e9e960ab8b88ff05a0f7ec9c034dc012f816f09e23c18d41b	2026-06-02
FileHash-MD5	e99f402c58c5bab5aa5894e95ead0818	MD5 of ccc7f039e1afd55fe8bc767ae688e71e66f162aba0c0d1650face02f15e9c7d0	2026-06-02
FileHash-MD5	f4d1aebb42054472c547d965dcba6a06	MD5 of 87b8abb05c7ee5642a5e801e7825dfa5ee4c1393ac998e87470ab53cc75e1842	2026-06-02
FileHash-MD5	fd646538337235eed3c65bad6ce9d419	MD5 of 5115eca388860371d994457793f3a3c2c3d106da48ca12ecccb9432522c56cc3	2026-06-02

References (1)

↗ https://www.withsecure.com/en/resources-hub/w-labs/greyvibe/#the-blurred-lines-of-attribution