otx.alienvault.com
143.204.98.80  Public Scan

URL: https://otx.alienvault.com/pulse/627ce58306cce7d0a5ae037a?utm_userid=swimlanecyou&utm_medium=inproduct&utm_source=otx&utm_c...
Submission: On June 03 via api from US — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content

BITTER APT ADDS BANGLADESH TO THEIR TARGETS

   
 * Created 3 weeks ago by AlienVault
 * Public
 * TLP: White

Cisco Talos discovered an ongoing campaign operated by what they believe is the
Bitter APT group since August 2021. This campaign is a typical example of the
actor targeting South Asian government entities.

Reference:
https://blog.talosintelligence.com/2022/05/bitter-apt-adds-bangladesh-to-their.html
Tags:
Bitter, APT, Bitter RAT, Artra downloader, SlideRAT, AndroRAT
Adversary:
Bitter
Industries:
Energy, Government
Targeted Countries:
Saudi Arabia, China, Bangladesh, Pakistan
Malware Families:
Bitter RAT, Artra Downloader, SlideRAT, AndroRAT
Att&ck IDs:
T1566 - Phishing, T1102 - Web Service, T1053 - Scheduled Task/Job, T1033 -
System Owner/User Discovery, T1057 - Process Discovery, T1140 -
Deobfuscate/Decode Files or Information, T1059 - Command and Scripting
Interpreter, T1559 - Inter-Process Communication, T1071 - Application Layer
Protocol

 * Indicators of Compromise (80)
 * Related Pulses (16)
 * Comments (0)
 * History (0)

TYPES OF INDICATORS

Domain (6), Other (35), email (7), FileHash-SHA1 (14), FileHash-MD5 (7),
FileHash-SHA256 (10)


