Skype, Teams Attachment Delivers DarkGate Indicators of Compromise (IOCs) SHA256 Indicator Detection 4ed69ed4282f5641b5425a9fca4374a17aecb160 uaarsy.au3 Trojan.AutoIt.DARKGATE.A 549cb39cea44cf8ca7d781cd4588e9258bdff2a1 bcdgkdb.au3 Trojan.AutoIt.DARKGATE.A e108fe723265d885a51e9b6125d151b32e23a949 edabeeg.au3 TrojanSpy.AutoIt.DARKGATE.AA a85664a8b304904e7cd1c407d012d3575eeb2354 jpeg.lnk Trojan.LNK.DARKGATE.A 924b60bd15df000296fc2b9f179df9635ae5bfed jpeg.lnk Trojan.LNK.DARKGATE.A cec7429d24c306ba5ae8344be831770dfe680da4 jpeg.lnk Trojan.LNK.DARKGATE.A d9a2ae9f5cffba0d969ef8edbbf59dc50586df00 jpeg.lnk Trojan.LNK.DARKGATE.A 381bf78b64fcdf4e21e6e927edd924ba01fdf03d jpeg.lnk Trojan.LNK.DARKGATE.A 4c24d0fc57633d2befaac9ac5706cbc163df747c dcfbahk.lnk Trojan.LNK.DARKGATE.A 9253eed158079b5323d6f030e925d35d47756c10 name.ps1 Trojan.PS1.PEDROPPER.VSNW0DI23 0e7b5d0797c369dd1185612f92991f41b1a7bfa2 wghcbp.vbs Trojan.VBS.DARKGATE.A 7d3f4c9a43827bff3303bf73ddbb694f02cc7ecc Folkevognsrugbrd.exe Trojan.Win32.GULOADER.UVFTND e47086abe1346c40f58d58343367fd72165ddecd UpdatePaymentsMethod.txt.vbs Trojan.VBS.DOWNLOADER.AE 42fe509513cd0c026559d3daf491a99914fcc45b NewAgreementsOperationSystem.pdf www.skype.7z Trojan.VBS.DOWNLOADER.AE 93cb5837a145d688982b95fab297ebdb9f3016bc NewAgreementsOperationSystem.pdf www[.]skype[.]vbs Trojan.VBS.DOWNLOADER.AE f7b9569a536514e70b6640d74268121162326065 TransactionRefundPaymentsList.pdf www.skype.vbs Trojan.VBS.DOWNLOADER.AE d40c7afee0dd9877bbe894bc9f357b50e002b7e2 NewPaymentsMerchantBanks.pdf www.skype.vbs Trojan.VBS.GULOADER.AV 1f550b3b5f739b74cc5fd1659d63b4a22d53a3fc FXNovusAgreements.pdf www.skype (1).vbs Trojan.VBS.GULOADER.AV 3229a36f803346c513dbb5d6fe911d4cb2f4dab1 VooZAZANewOffer2023.pdf www.skype.vbs Trojan.VBS.GULOADER.AV 6585e15d53501c7f713010a0621b99e9097064ff information-BGaming 30-06-2023.pdf www.skype..vbs Trojan.VBS.GULOADER.AV 001e4eacb4dd47fa9f49ff20b5a83d3542ad6ba2 PaymentsModuleIntegration.pdf www.skype.com (1).vbs Trojan.VBS.GULOADER.AV ad1667eaf03d3989e5044faa83f6bb95a023e269 NewMultiaccountSystemOffer.pdf www.skype.vbs Trojan.VBS.GULOADER.AV a3516b2bb5c60b23b4b41f64e32d57b5b4c33574 AlbForexNewListProfit.pdf www.skype.vbs Trojan.VBS.GULOADER.AV e6347dfdaf3f1e26d55fc0ed3ebf09b8e8d60b3f NewBankInformationTrading.pdf www.skype.vbs Trojan.VBS.GULOADER.AV 3cbbdfc83c4ef05c0f5c37c99467958051f4a0e1 MatchPrimeTradingReportInvoice.pdf www.skype.vbs Trojan.VBS.GULOADER.AV f3a740ea4e04d970c37d82617f05b0f209f72789 FinanceReportNewProject.pdf www.skype (1).vbs Trojan.VBS.GULOADER.AV e6e4c7c2c2c8e370a0ec6ddb5d998c150dcb9f10 IntegrationTrafficList.pdf www.skype.vbs Trojan.VBS.GULOADER.AV 45a89d03016695ad87304a0dfd04648e8dfeac8f PlaynGoNewIntegrationSystem.vbs Trojan.VBS.GULOADER.AV URL Description msteamseyeappstore.com Phishing site Drkgatevservicceoffice.net Disease vector reactervnamnat.com Disease vector coocooncookiedpo.com Disease vector wmnwserviceadsmark.com Disease vector onlysportsfitnessam.com Disease vector marketisportsstumi.win Command and control (C&C) server hxxp://corialopolova.com/vHdLtiAzZYCsHszzP118[.]bin Disease vector 5.188.87.58 Disease vector 5.188.87.58:2351 Disease vector 5.188.87.58:2351/iqryhosg Disease vector