← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Fake pirated software sites serve up malware droppers as a service
WHITE AlienVault 2021-09-07 Modified: 2021-09-07
578
IOCs
HIGH VOLUME
The Raccoon Stealer malware campaign has been linked to a network of websites acting as an underground marketplace for paid download services, according to research by security firm Sophos and its partner, the Secure Networks.
RaccoonContiStealerCryptbotCryptojackersDropper-As-A-ServiceRansomwareStealerCryptBotGlupteba
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Raccoon Conti CryptBot Glupteba
Indicators of Compromise (2 / 578 total)
All FileHash-MD5 hostname FileHash-SHA1 FileHash-SHA256 domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA1 3a5f9e191574db6b07e19d9efc9e5d69b5119bae SHA1 of d235fbbbe8a782c3d48793d237383143c4522e9a576d7da34eeab03fa38ec8f8 2021-09-07
FileHash-SHA1 82ee489d3988ba03240f9ac40f31789f15ad9fd2 2021-09-07
References (2)
↗ https://news.sophos.com/en-us/2021/09/01/fake-pirated-software-sites-serve-up-malware-droppers-as-a-service/ ↗ https://github.com/sophoslabs/IoCs/blob/master/Troj-DropperAsAService.csv