ioc[.]one - OSINT Cyber Threat Intelligence Database

Hamas-affiliated Threat Actor WIRTE Continues its Middle East Operations and Moves to Disruptive Activity - Check Point Research

Tags

country:	Egypt Argentina Jordan Iran Iraq Israel Saudi Arabia Lebanon
maec-delivery-vectors:	Watering Hole
attack-pattern:	Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Scheduled Task - T1053.005 Tool - T1588.002 Powershell - T1086 Scheduled Task - T1053

Show in Graph

Common Information

Type	Value
UUID	50a39dd5-a4be-4d1d-9b67-9a677d1e3612
Fingerprint	b48089dba139a481
Analysis status	DONE
Considered CTI value	2
Text language
Published	Nov. 12, 2024, 5:30 p.m.
Added to db	Nov. 12, 2024, 6:44 p.m.
Last updated	Nov. 15, 2024, 12:35 p.m.
Headline	Hamas-affiliated Threat Actor WIRTE Continues its Middle East Operations and Moves to Disruptive Activity
Title	Hamas-affiliated Threat Actor WIRTE Continues its Middle East Operations and Moves to Disruptive Activity - Check Point Research
Detected Hints/Tags/Attributes	92/3/122

Source URLs

	Redirection	Url
Details	Source	https://research.checkpoint.com/2024/hamas-affiliated-threat-actor-expands-to-disruptive-activity/

URL Provider

Details	Provider	Source level domain
Details	checkpoint.com	research.checkpoint.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	204	✔	Check Point Research	https://research.checkpoint.com/feed	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	3	saudiarabianow.org
Details	Domain	3	jordanrefugees.com
Details	Domain	3	bankjordan.com
Details	Domain	3	egyptskytours.com
Details	Domain	3	egypttourism-online.com
Details	Domain	3	ransom.win
Details	Domain	2	infoastealer.win
Details	Domain	3	king-pharmacy.com
Details	Domain	3	microsoftwindowshelp.com
Details	Domain	3	economystocking.com
Details	Domain	3	wellhealthtech.com
Details	Domain	3	microsoftliveforums.com
Details	Domain	3	dentalaccord.com
Details	Domain	3	economymentor.com
Details	Domain	3	microsoftteams365.com
Details	Domain	3	finance-analyst.com
Details	Domain	3	trendingcharts.finance-analyst.com
Details	Domain	3	finances-news.com
Details	Domain	3	support-api.financecovers.com
Details	Domain	3	healthoptionstoday.com
Details	Domain	3	ellemedic.com
Details	Domain	3	easybackupcloud.com
Details	Domain	3	financeinfoguide.com
Details	Domain	3	printspoolerupdates.com
Details	File	4	pinenrollmentbroker.exe
Details	File	17	propsys.dll
Details	File	6	setup_wm.exe
Details	File	2	الإقليمي.exe
Details	File	89	version.dll
Details	File	2	exit-dn4-core.dll
Details	File	4	esetunleashed_081024.zip
Details	File	208	setup.exe
Details	File	32	image.jpg
Details	File	5	video.mp4
Details	File	23	microsoftedge.exe
Details	File	5	csrs.exe
Details	File	196	desktop.ini
Details	File	8	msasn1.dll
Details	File	3	agent.jpg
Details	File	13	manager.exe
Details	File	48	agent.exe
Details	File	3	incd-securityupdate-feb24.apk
Details	sha256	3	b7c5af2d7e1eb7651b1fe3a224121d3461f3473d081990c02ef8ab4ace13f785
Details	sha256	3	2700142c0b78fdbf3df30125a72443e2317d5079a01ff26022a66d0b7bd4c5b1
Details	Domain	3	theshortner.com
Details	Domain	3	master-dental.com
Details	Domain	2	requestinspector.com
Details	Domain	3	oref.org.il
Details	Domain	3	libexampleone.so
Details	Domain	3	saudiday.org
Details	Domain	2	saudi.org
Details	Domain	3	jordansons.com
Details	Domain	2	jordantimes.com
Details	Domain	3	egyptican.com
Details	Domain	2	dailynewsegypt.com
Details	Domain	4	inclusive-economy.com
Details	Domain	2	inclusiveeconomy.us
Details	Domain	3	healthcarb.com
Details	Domain	2	healthline.com
Details	Domain	3	suppertools.com
Details	Domain	3	healthscratches.com
Details	sha256	3	3fc92e8a440ca16172f7d93bd9de3c6f9391e26d3a1cb964e966ee1ee31770df
Details	sha256	3	5d773e734290b93649a41ccda63772560b4fa25ba715b17df7b9f18883679160
Details	sha256	3	5fa809c0e5dff03bd202b86cd334e80c7ed5dbad9aed7b12a3799ea0800e5f31
Details	sha256	3	0a4397f7d5da024b10c778910d6db84a6ba0fc3375fe6fe9b470f7e269ddc716
Details	sha256	3	26cb6055be1ee503f87d040c84c0a7cacb245b4182445e3eee47ed6e073eca47
Details	sha256	3	75c2fb3ae08502a57c8c96ea788ef946a8bb35fb4a16e76deefae4c94fd03fd7
Details	sha256	3	86791aa96bac086330bf927ea5c2725ff73aaedfadc2571f4f393aa4d3a6b690
Details	sha256	3	8ce87eefded0713c9258f8f2086dcc51028fb404ceb526f832df4c93108c8146
Details	sha256	3	8818c7c2cbd60521b8eb59ff9a720840535651343b30c1b279515d42d8036a8a
Details	sha256	3	7e0d0f77fe1dcb1e7a0a0a2fc0c25a68eee551c7045935449ae64dcbd1310958
Details	sha256	3	795b997c248b2f344f813cd0c15d3d435e6218c91d0f0f54a464d739feead4c5
Details	sha256	3	9fc4c7cdcaa3c3c03ba65f138386e875d02f7fcaf10de720dfde20167e393f38
Details	sha256	3	7c0a8d3dec1675fd8ba0a73fb5b8eee3bef0214aa78a7aab73b8ba9814651f9f
Details	sha256	4	b447ba4370d9becef9ad084e7cdf8e1395bafde1d15e82e23ca1b9808fef13a7
Details	sha256	3	9b2a16cbe5af12b486d31b68ef397d6bc48b2736e6b388ad8895b588f1831f47
Details	sha256	3	c51952f2caf55b455e7c7eb8048422bb477e3a616cb68f6fa524e15892b9f328
Details	sha256	3	d3a53be1f64325c566bb71222b3747da81439dea8fc9a458fb459355cfa9e7f2
Details	sha256	3	ac227dd5c97a36f54e4fa02df4e4c0339b513e4f8049616e2a815a108e34552f
Details	sha256	3	c068b9e7130f6fb5763beb9564e92a89644755f223b2f65dc762ed5c77c5b8e3
Details	sha256	3	c22f0544e29c803d2cacbca3a57617496e3691389e9b65da84c374c90e699433
Details	sha256	3	76a543a49e46ad9163b2a06f6cea7a5e8eb5183cd3213e64446a8c66310fac3a
Details	sha256	3	e2ba2d3d2c1f0b5143d1cd291f6a09abe1c53e570800d8ae43622426c1c4343c
Details	sha256	3	02902a5e07a80aa56c24c6a8d4cca9fcfb32f32bb074f9c449cad5b3b18a070c
Details	sha256	4	e6d2f43622e3ecdce80939eec9fffb47e6eb7fc0b9aa036e9e4e07d7360f2b89
Details	sha256	3	3b4ee3d5c1a7202b053159becac4d0b622641e2e4a7b27f339c03a90f287d381
Details	sha256	3	f2de8a5daed043ef3ab1f52156a4f7ff8f9a382f7f58ace6abb463f5cbab060c
Details	sha256	3	fca0b3e57b3f9a14d18c435e564fe6db3620ba446e1b863737a9b36cbcc7251a
Details	sha256	3	eddd40d457088d8384784ce80eaf0aefb1485776e0916e60781befbd739d4608
Details	sha256	3	6ab5a0b7080e783bba9b3ec53889e82ca4f2d304e67bd139aa267c22c281a368
Details	sha256	3	2abff990d33d99a0732ddbb3a39831c2c292f36955381d45cd8d40a816d9b47a
Details	sha256	3	9fe7b2f4c17dd0c7a00aaa6a779c30e2cb3faa4b14766e02f616d00e6f6e9007
Details	sha256	3	3d2409c7834287178f61116c9b653e3520172a10ebef58f58f99d27a34b839bd
Details	sha256	3	5b7e8e685f6ee6b4810ed94b4420e08a10a977516b47fea356173cfaec2c41a0
Details	sha256	3	41112f36fc17f57f0e476c9ffa9e1ecbff796dc31a7ff0372d0d8708a5e9c50b
Details	sha256	3	2d55c68aa7781db7f2324427508947f057a6baca78073fee9a5ad254147c8232
Details	IPv4	3	185.158.248.161
Details	IPv4	3	193.168.141.29
Details	IPv4	3	140.99.164.56
Details	IPv4	3	160.119.251.181
Details	IPv4	3	188.92.78.148
Details	IPv4	3	185.165.169.76
Details	IPv4	3	45.134.9.202
Details	IPv4	3	37.120.247.22
Details	IPv4	3	195.123.210.42
Details	IPv4	3	140.99.164.86
Details	IPv4	3	213.252.244.234
Details	IPv4	3	5.42.221.151
Details	IPv4	3	37.221.65.254
Details	IPv4	3	80.77.25.49
Details	IPv4	3	193.168.141.61
Details	IPv4	3	185.247.224.28
Details	IPv4	3	185.158.248.201
Details	IPv4	3	185.165.169.117
Details	IPv4	3	45.59.118.145
Details	IPv4	3	37.120.247.100
Details	IPv4	3	185.225.70.168
Details	IPv4	3	80.77.25.216
Details	IPv4	3	38.180.151.206
Details	Url	2	https://theshortner.com/fxt1j
Details	Url	2	https://suppertools.com/s/?uid=181b9056
Details	Url	2	https://healthscratches.com/s/?uid=06d32218