ioc[.]one - OSINT Cyber Threat Intelligence Database

GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool

Tags

country:	Afghanistan Australia Belgium Malaysia Cambodia Japan Mozambique Philippines Vietnam
attack-pattern:	Data Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Dynamic Dns - T1311 Dynamic Dns - T1333 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Timestomp - T1070.006 Tool - T1588.002 Connection Proxy - T1090 Timestomp - T1099

Show in Graph

Common Information

Type	Value
UUID	9878dd97-f30e-4f36-9b4e-c4b18bad68b8
Fingerprint	5b8811dc0cb0a7d1
Analysis status	DONE
Considered CTI value	2
Text language
Published	June 13, 2022, 10 a.m.
Added to db	Sept. 26, 2022, 9:33 a.m.
Last updated	Nov. 18, 2024, 9:32 a.m.
Headline	GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool
Title	GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool
Detected Hints/Tags/Attributes	79/2/160

Source URLs

	Redirection	Url
Details	Source	https://unit42.paloaltonetworks.com/pingpull-gallium/

URL Provider

Details	Provider	Source level domain
Details	paloaltonetworks.com	unit42.paloaltonetworks.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	t1.hinitial.com
Details	Domain	1	hinitial.com
Details	Domain	1	v2.hinitial.com
Details	Domain	1	v3.hinitial.com
Details	Domain	1	v4.hinitial.com
Details	Domain	1	v5.hinitial.com
Details	Domain	1	goodjob36.publicvm.com
Details	Domain	1	df.micfkbeljacob.com
Details	Domain	1	micfkbeljacob.com
Details	Domain	1	jack.micfkbeljacob.com
Details	Domain	1	goodluck23.jp.us
Details	Domain	1	helpinfo.publicvm.com
Details	Domain	1	mailedc.publicvm.com
Details	File	2128	cmd.exe
Details	File	6	c:\test.txt
Details	File	103	test.txt
Details	File	1	samp.exe
Details	File	1	samp_f86ebe.exe
Details	File	1	servermannger.exe
Details	File	1	goodjob36.pub
Details	File	1	helpinfo.pub
Details	File	1	mailedc.pub
Details	sha1	1	76efd8ef3f64059820d937fa87acf9369775ecd5
Details	sha256	1	de14f22c88e552b61c62ab28d27a617fb8c0737350ca7c631de5680850282761
Details	sha256	1	b4aabfb8f0327370ce80970c357b84782eaf0aabfc70f5e7340746f25252d541
Details	sha256	1	fc2147ddd8613f08dd833b6966891de9e5309587a61e4b35408d56f43e72697e
Details	sha256	1	c55ab8fdd060fb532c599ee6647d1d7b52a013e4d8d3223b361db86c1f43e845
Details	sha256	1	f86ebeb6b3c7f12ae98fe278df707d9ebdc17b19be0c773309f9af599243d0a3
Details	sha256	1	8b664300fff1238d6c741ac17294d714098c5653c3ef992907fc498655ff7c20
Details	sha256	1	1ce1eb64679689860a1eacb76def7c3e193504be53ebb0588cddcbde9d2b9fe6
Details	IPv4	1	172.16.189.130
Details	IPv4	1	5.181.25.55
Details	IPv4	1	92.38.135.62
Details	IPv4	1	5.8.71.97
Details	IPv4	1	101.36.102.34
Details	IPv4	1	101.36.102.93
Details	IPv4	1	101.36.114.167
Details	IPv4	1	101.36.123.191
Details	IPv4	1	103.116.47.65
Details	IPv4	1	103.179.188.93
Details	IPv4	1	103.22.183.131
Details	IPv4	1	103.22.183.138
Details	IPv4	1	103.22.183.141
Details	IPv4	1	103.22.183.146
Details	IPv4	1	103.51.145.143
Details	IPv4	1	103.61.139.71
Details	IPv4	1	103.61.139.72
Details	IPv4	1	103.61.139.75
Details	IPv4	1	103.61.139.78
Details	IPv4	1	103.61.139.79
Details	IPv4	1	103.78.242.62
Details	IPv4	1	118.193.56.130
Details	IPv4	1	118.193.62.232
Details	IPv4	1	123.58.196.208
Details	IPv4	1	123.58.198.205
Details	IPv4	1	123.58.203.19
Details	IPv4	1	128.14.232.56
Details	IPv4	1	152.32.165.70
Details	IPv4	1	152.32.203.199
Details	IPv4	1	152.32.221.222
Details	IPv4	1	152.32.245.157
Details	IPv4	1	154.222.238.50
Details	IPv4	1	154.222.238.51
Details	IPv4	1	165.154.52.41
Details	IPv4	1	165.154.70.51
Details	IPv4	1	167.88.182.166
Details	IPv4	1	176.113.71.62
Details	IPv4	1	2.58.242.230
Details	IPv4	1	2.58.242.231
Details	IPv4	1	2.58.242.235
Details	IPv4	1	202.87.223.27
Details	IPv4	1	212.115.54.54
Details	IPv4	1	37.61.229.104
Details	IPv4	1	45.116.13.153
Details	IPv4	1	45.128.221.61
Details	IPv4	1	45.128.221.66
Details	IPv4	1	45.136.187.98
Details	IPv4	1	45.14.66.230
Details	IPv4	1	45.154.14.132
Details	IPv4	1	45.154.14.164
Details	IPv4	1	45.154.14.188
Details	IPv4	1	45.154.14.254
Details	IPv4	1	45.251.241.74
Details	IPv4	2	45.251.241.82
Details	IPv4	1	45.76.113.163
Details	IPv4	1	47.254.192.79
Details	IPv4	2	92.223.30.232
Details	IPv4	1	92.223.30.52
Details	IPv4	1	92.223.90.174
Details	IPv4	1	92.223.93.148
Details	IPv4	1	92.223.93.222
Details	IPv4	1	92.38.139.170
Details	IPv4	1	92.38.149.101
Details	IPv4	1	92.38.149.241
Details	IPv4	1	92.38.171.127
Details	IPv4	1	92.38.176.47
Details	IPv4	1	107.150.127.124
Details	IPv4	1	118.193.56.131
Details	IPv4	1	176.113.71.168
Details	IPv4	1	185.239.227.12
Details	IPv4	1	194.29.100.173
Details	IPv4	1	2.58.242.236
Details	IPv4	1	45.128.221.182
Details	IPv4	1	45.154.14.191
Details	IPv4	1	47.254.250.117
Details	IPv4	1	79.133.124.88
Details	IPv4	1	103.137.185.249
Details	IPv4	1	103.61.139.74
Details	IPv4	1	107.150.112.211
Details	IPv4	1	107.150.127.140
Details	IPv4	1	146.185.218.65
Details	IPv4	1	152.32.221.242
Details	IPv4	1	165.154.70.62
Details	IPv4	1	176.113.68.12
Details	IPv4	1	185.101.139.176
Details	IPv4	1	188.241.250.152
Details	IPv4	1	188.241.250.153
Details	IPv4	1	193.187.117.144
Details	IPv4	1	196.46.190.27
Details	IPv4	1	2.58.242.229
Details	IPv4	1	2.58.242.232
Details	IPv4	1	37.61.229.106
Details	IPv4	1	45.128.221.172
Details	IPv4	1	45.128.221.186
Details	IPv4	1	45.128.221.229
Details	IPv4	1	45.134.169.147
Details	IPv4	1	103.170.132.199
Details	IPv4	1	107.150.110.233
Details	IPv4	1	152.32.255.145
Details	IPv4	1	167.88.182.107
Details	IPv4	1	185.239.226.203
Details	IPv4	1	185.239.227.34
Details	IPv4	1	45.128.221.169
Details	IPv4	1	45.136.187.41
Details	IPv4	1	137.220.55.38
Details	IPv4	1	45.133.238.234
Details	IPv4	1	103.192.226.43
Details	IPv4	1	92.38.149.88
Details	IPv4	1	5.188.33.237
Details	IPv4	1	146.185.218.176
Details	IPv4	1	43.254.218.104
Details	IPv4	1	43.254.218.57
Details	IPv4	1	43.254.218.98
Details	IPv4	1	92.223.59.84
Details	IPv4	1	43.254.218.43
Details	IPv4	1	81.28.13.48
Details	IPv4	1	89.43.107.191
Details	IPv4	1	103.123.134.145
Details	IPv4	1	103.123.134.161
Details	IPv4	1	103.123.134.165
Details	IPv4	1	103.85.24.81
Details	IPv4	1	212.115.54.241
Details	IPv4	1	43.254.218.114
Details	IPv4	1	89.43.107.190
Details	IPv4	1	103.123.134.139
Details	IPv4	1	103.123.134.240
Details	IPv4	1	103.85.24.121
Details	IPv4	1	103.169.91.93
Details	IPv4	1	103.169.91.94
Details	IPv4	1	45.121.50.230