value,entity_type,description