XCTDH Crypto Heist Part 4 - Nick Smart and Andrii Sovershennyi

0
Medium
Published: Thu Dec 18 2025 (12/18/2025, 00:00:00 UTC)
Source: CIRCL OSINT Feed
Vendor/Project: tlp
Product: clear

Description

The XCTDH Crypto Heist Part 4 is a medium-severity cyber threat linked to North Korean actors targeting software supply chains and development tools. It involves compromising software dependencies and development environments to facilitate unauthorized access or manipulation, leveraging application layer protocols for communication or data exfiltration. Although no specific affected product versions or patches are identified, the threat highlights risks associated with supply chain attacks. European organizations relying on affected software development tools or dependencies could face risks of intellectual property theft, operational disruption, or unauthorized access. Mitigation requires enhanced supply chain security practices, including rigorous code and dependency auditing, network segmentation, and monitoring for anomalous application layer traffic. Countries with significant software development sectors and historical exposure to North Korean cyber activities, such as the UK, Germany, and France, are more likely to be impacted. Given the medium severity, the threat poses a moderate risk that demands proactive defense but does not indicate immediate critical exploitation. Defenders should prioritize supply chain security and monitor for related attack patterns to reduce exposure.

AI-Powered Analysis

Last updated: 01/17/2026, 08:02:38 UTC

Technical Analysis

The XCTDH Crypto Heist Part 4 is a cyber threat attributed to North Korean threat actors, specifically linked to tactics involving the compromise of software dependencies and development tools (MITRE ATT&CK T1195.001) and broader software supply chain attacks (T1195.002). This attack vector typically involves infiltrating the software development lifecycle by injecting malicious code or backdoors into software components or development environments, which are then propagated to downstream users. The use of application layer protocols (T1071) suggests that the threat actors employ legitimate communication channels to evade detection while exfiltrating data or controlling compromised systems. Although no specific affected software versions or patches are documented, the threat underscores the persistent risk posed by supply chain compromises, which can have widespread impact due to the trust placed in software dependencies. The absence of known exploits in the wild indicates this may be an emerging or observed campaign rather than a currently widespread active exploitation. The threat is tagged with North Korea and DPRK, indicating geopolitical motivations possibly linked to financial gain through cryptocurrency theft or espionage. The technical details are limited, but the focus on software supply chain compromise aligns with recent trends where nation-state actors target development tools to maximize impact. The medium severity rating reflects the moderate risk level considering the complexity of exploitation and potential impact on confidentiality and integrity of software products.

Potential Impact

For European organizations, the XCTDH Crypto Heist poses significant risks primarily to software development firms, technology providers, and any enterprises relying heavily on third-party software dependencies. Compromise of development tools or dependencies can lead to the insertion of malicious code, resulting in intellectual property theft, unauthorized access to sensitive data, and potential disruption of services. This can undermine trust in software supply chains and cause cascading effects across multiple sectors, including finance, critical infrastructure, and government. The use of application layer protocols for command and control or data exfiltration complicates detection efforts, increasing the risk of prolonged undetected breaches. Financial institutions and cryptocurrency-related businesses in Europe could be particularly targeted given the 'Crypto Heist' context, potentially leading to direct financial losses. Additionally, the geopolitical attribution to North Korea suggests that espionage and sabotage could be secondary objectives, impacting national security interests. The medium severity indicates that while the threat is serious, it may require specific conditions or vulnerabilities to be exploited effectively, thus not representing an immediate widespread crisis but a persistent threat vector.

Mitigation Recommendations

European organizations should implement a multi-layered defense strategy focused on securing the software supply chain. This includes:

1) Enforcing strict code signing and verification processes for all software dependencies and development tools to detect unauthorized modifications.
2) Conducting thorough audits and continuous monitoring of third-party libraries and components for vulnerabilities or suspicious changes.
3) Segmenting development environments from production networks to limit lateral movement if a compromise occurs.
4) Deploying network monitoring solutions capable of detecting anomalous application layer protocol traffic indicative of command and control or data exfiltration activities.
5) Enhancing threat intelligence sharing with industry peers and national cybersecurity centers to stay informed about emerging supply chain threats linked to North Korean actors.
6) Implementing robust access controls and multi-factor authentication for development and build systems to reduce insider threat risks.
7) Training developers and IT staff on supply chain security risks and best practices.
8) Preparing incident response plans specifically addressing supply chain compromise scenarios to enable rapid containment and remediation.

These measures go beyond generic advice by focusing on the unique challenges posed by supply chain attacks and the stealthy use of application layer protocols.

Technical Details

Uuid
5e5bc49f-4007-4921-bfdb-a289e4ef9fde
Original Timestamp
1766087924

Indicators of Compromise

File


Hash


Text

symbol: BSC; address-crypto: 0x6bEf55A0BB4bFF96f947eb1f87E9a59031BB1686; text: DPRK-Linked Potential Communications Channel

symbol: TRX; address-crypto: TMfKQEd7TJJa5xNZJZ2Lep838vrzrs7mAP
symbol: TRX; address-crypto: TXfxHUet9pJVU1BgVkBAbrES4YUc1nGzcG
symbol: TRX; address-crypto: TLmj13VL4p6NQ7jpxz8d9uYY6FUKCYatSe

IP login to access cryptocurrency wallet - Vladivostok-related address to TKK
Initial IP from Python Downloader (Payload1_2 (HTTP Payload Stager)) - Attributed to backdoor reported by MalwareHunterTeam
DEV#POPPER.JS RAT IP - Initial RAT/LOADER
DEV#POPPER.JS RAT IP - Initial RAT/LOADER
DEV#POPPER.JS RAT IP - Initial RAT/LOADER
DEV#POPPER.JS RAT IP - Python Dropper
DEV#POPPER.JS RAT IP - Part 3 Cluster-4
DEV#POPPER.JS RAT IP - Unknown
DEV#POPPER.JS RAT IP - Unknown

Ip


Datetime


Threat ID: 69457da2133fda1465c8178d

Added to database: 12/19/2025, 4:30:26 PM

Last enriched: 1/17/2026, 8:02:38 AM

Last updated: 2/7/2026, 4:23:42 PM
