Elephant Hunting | Inside an Indian Hack-For-Hire Group [Monday, November 20, 2023]


Description :
SentinelLabs has obtained new intelligence on the activities of the Appin Security Group, a well-known provider of hack-for-hire services.

Published :
2023-11-20T14:03:49.948Z

Created :
2023-11-20T14:03:49.948Z

Modified :
2023-11-20T14:11:33.618Z

Tags

  • apt
  • appin

Indicators

Domains :
Hashes :
Attack Patterns :
  • T1056
  • T1566
External References :

About the author
Julien B.

Securitricks
