ioc[.]one - OSINT Cyber Threat Intelligence Database

BITTER: a targeted attack against Pakistan

Tags

country:	India Pakistan United Kingdom
maec-delivery-vectors:	Watering Hole
attack-pattern:	Domains - T1583.001 Domains - T1584.001 Dynamic Dns - T1311 Dynamic Dns - T1333 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Ssh - T1021.004 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	b9b3e3d2-8f5a-4070-a098-26295d5bfc63
Fingerprint	7551981a1211e9c1
Analysis status	DONE
Considered CTI value	2
Text language
Published	Oct. 21, 2016, 3:04 a.m.
Added to db	Sept. 26, 2022, 9:30 a.m.
Last updated	Nov. 18, 2024, 3:36 a.m.
Headline	BITTER: a targeted attack against Pakistan
Title	BITTER: a targeted attack against Pakistan
Detected Hints/Tags/Attributes	50/3/71

Source URLs

	Redirection	Url
Details	Source	https://www.forcepoint.com/blog/security-labs/bitter-targeted-attack-against-pakistan

URL Provider

Details	Provider	Source level domain
Details	forcepoint.com	www.forcepoint.com

Attributes

Details	Type	#Events	Value
Details	CVE	176	cve-2012-0158
Details	Domain	1	spiralbook71.com
Details	Domain	1176	gmail.com
Details	Domain	1	scholars90.website
Details	Domain	1	info2t.com
Details	Domain	1	kart90.website
Details	Domain	1	range7.com
Details	Domain	1	frontier89.website
Details	Domain	1	reloadguide71.com
Details	Domain	1	creed90.com
Details	Domain	1	wester.website
Details	Domain	1	chinatel90.com
Details	Domain	1	ranadey.net78.net
Details	Domain	1	www.queryz4u.com
Details	Domain	1	www.sportszone71.com
Details	Domain	1	micronet.no-ip.co.uk
Details	Domain	1	www.inspire71.com
Details	Domain	1	govsite.ddns.net
Details	Domain	1	randomvalue90.com
Details	Domain	1	marvel89.com
Details	Domain	1	cloudupdates.servehttp.com
Details	Domain	1	pickup.ddns.net
Details	Domain	1	updateservice.redirectme.net
Details	Domain	1	destiny91.com
Details	Domain	1	medzone71.com
Details	Domain	1	nexster91.com
Details	Email	1	witribehelp@gmail.com
Details	File	12	list.doc
Details	File	1	prevention.doc
Details	File	1	guidelines.doc
Details	File	1	gazala-ke-haseen-nagme.doc
Details	File	1	rules.xls
Details	File	1	m2s.php
Details	File	1	svcf.exe
Details	File	1	cnhost.exe
Details	File	1	exist.php
Details	File	1	m2s_reply_u2.php
Details	File	1	hill.php
Details	File	1	ahead.php
Details	File	1	msuds.php
Details	File	1	adfsdsqw.php
Details	File	1	war.php
Details	sha1	1	d7a770233848f42c5e1d5f4b88472f7cb12d5f3d
Details	sha1	1	3ab4ce4b3a44c96d6c454efcece774b33335dda2
Details	sha1	1	7d47ae3114f08ecf7fb473b7f5571d70cf2556da
Details	sha1	1	42cdfe465ed996c546c215a8e994a82fea7dc24c
Details	sha1	1	1990fa48702c52688ce6da05b714a1b3e634db76
Details	sha1	1	93e98e9c4cf7964ea4e7a559cdd2720afb26f7f7
Details	sha1	1	c3a39dc22991fcf2455b8b6b479eda3009d6d0fd
Details	sha1	1	37e59c1b32684cedb341584387ab75990749bde7
Details	sha1	1	52485ae219d64daad6380abdc5f48678d2fbdb54
Details	sha1	1	137a7dc1c33dc04e4f00714c074f35c520f7bb97
Details	sha1	1	e57c88b302d39f4b1da33c6b781557fed5b8cece
Details	sha1	1	0172526faf5d0c72122febd2fb96e2a01ef0eff8
Details	sha1	1	e7e0ba30878de73597a51637f52e20dc94ae671d
Details	sha1	1	fa8c800224786bab5a436b46acd2c223edda230e
Details	sha1	1	c75b46b50b78e25e09485556acd2e9862dce3890
Details	sha1	1	72fa5250069639b6ac4f3477b85f59a24c603723
Details	sha1	1	f898794563fa2ae31218e0bb8670e08b246979c9
Details	sha1	1	2b873878b4cfbe0aeab32aff8890b2e6ceed1804
Details	sha1	1	ddf5bb366c810e4d524833dcd219599380c86e7a
Details	sha1	1	23b28275887c7757fa1d024df3bd7484753bba37
Details	sha1	1	6caae6853d88fc35cc150e1793fef5420ff311c6
Details	sha1	1	1a2ec73fa90d800056516a8bdb0cc4da76f82ade
Details	sha1	1	ff73d3c649703f11d095bb92c956fe52c1bf5589
Details	sha1	1	c0fcf4fcfd024467aed379b07166f2f7c86c3200
Details	sha1	1	0116b053d8ed6d864f83351f306876c47ad1e227
Details	sha1	1	4be6e7e7fb651c51181949cc1a2d20f61708371a
Details	sha1	1	998d401edba7a9509546511981f8cd4bff5bc098
Details	sha1	1	21ef1f7df01a568014a92c1f8b41c33d7b62cb40
Details	sha1	1	c77b8de689caee312a29d30094be72b18eca778d