Persian Stalker pillages Iranian users of Instagram and Telegram

description:

publish date:

reference :

IOC Table
total 60
type value
domain 30dn.ir
domain andromedaa.com
domain andromedaa.ir
domain andromedaa.net
domain bazdiddarbazdid.com
domain broadcastnews.pro
domain buycomment.ir
domain buyfollower.ir
domain buylike.in
domain buylike.ir
domain cbgr.ir
domain com-messengersaccount.name
domain commentbegir.com
domain commentbegir.ir
domain confirm-identification.name
domain confirm-verification-process.systems
domain download-drive-share.ga
domain fbgr.ir
domain file-share.ga
domain flbgr.com
domain followbegir.ir
domain followerbeg.ir
domain followerbegir.ir
domain followgir.ir
domain hangouts-talk.ga
domain harsobh.com
domain homayoon.info
domain hotgram.ir
domain im9.ir
domain invitation-to-messenger.space
domain lbgr.ir
domain lik3.org
domain likebeg.ir
domain likebegir.com
domain lkbgr.com
domain mail-login-profile.com
domain mail-profile.com
domain mobile-messengerplus.network
domain mobilecontinue.network
domain ndrm.ir
domain obgr.ir
domain oogle.ga
domain ozvbegir.com
domain ozvbegir.ir
domain ozvdarozv.com
domain ozvdarozv.ir
domain sessions-identifier-memberemailid.network
domain stratup-monitor.com
domain talagram.ir
domain viewmember.ir
domain watch-youtube.live
domain xn--oogle-v1a.ga
domain youpo.st
domain youridentityactivity.world
FileHash-SHA256 24a545778b72132713bd7e0302a650ca9cc69262aa5b9e926633a0e1fc555e98
FileHash-SHA256 8ecf5161af04d2bf14020500997afa4473f6a137e8f45a99e323fb2157f1c984
FileHash-SHA256 a2cf315d4d6c6794b680cb0e61afc5d0afb2c8f6b428ba8be560ab91e2e22c0d
FileHash-SHA256 a7609b6316b325cc8f98b186d46366e6eefaae101ee6ff660ecc6b9e90146a86
URL https://v1.flbgr.com/users/start.php?api=19&user=%DA%A9%D8%A7%D8%B1%D8%A8%D8%B1&apk=61&tut=15369351307
URL http://lh9.talagram.ir/v3/proxy?slt=1451531005724&appId=3