IOC pivotioc · sha-256
26884f872f4fae13da21fa2a24c24e963ee1eb66da47e270246d6d9dc7204c2b
IR · IranAPT34confidence · high
Malicious Excel document 'Confirmation Receive Document.xls' used by APT34 to drop the Saitama backdoor in the April 2022 Jordanian Foreign Ministry spearphishing campaign analyzed by Malwarebytes.
- family
- Saitama
- first seen
- Apr 25, 2022
- publisher
- Malwarebytes (ThreatDown)