← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Fake pirated software sites serve up malware droppers as a service
WHITE AlienVault 2021-09-07 Modified: 2021-09-07
578
IOCs
HIGH VOLUME
The Raccoon Stealer malware campaign has been linked to a network of websites acting as an underground marketplace for paid download services, according to research by security firm Sophos and its partner, the Secure Networks.
RaccoonContiStealerCryptbotCryptojackersDropper-As-A-ServiceRansomwareStealerCryptBotGlupteba
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Raccoon Conti CryptBot Glupteba
Indicators of Compromise (3 / 578 total)
All FileHash-MD5 hostname FileHash-SHA1 FileHash-SHA256 domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 5c20216270730bf35431cb722fef6a67 2021-09-07
FileHash-MD5 e1d98d28521fb12f0d3b6aeef43af1eb MD5 of d235fbbbe8a782c3d48793d237383143c4522e9a576d7da34eeab03fa38ec8f8 2021-09-07
FileHash-MD5 ee6186b0cd25ac5ca7ae401293d8552b MD5 of 82ee489d3988ba03240f9ac40f31789f15ad9fd2 2021-09-07
References (2)
↗ https://news.sophos.com/en-us/2021/09/01/fake-pirated-software-sites-serve-up-malware-droppers-as-a-service/ ↗ https://github.com/sophoslabs/IoCs/blob/master/Troj-DropperAsAService.csv