Pulse Detail — Threat Intelligence

PULSE NAME

Websites Hosting Fake Cracks Spread Updated CopperStealer Malware

WHITE AlienVault 2022-06-23 Modified: 2022-06-23

IOCs

MEDIUM VOLUME

↓ CSV ↓ JSON

TrendMicro found updated samples of the CopperStealer malware infecting systems via websites hosting fake software.

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1027 T1053 T1090 T1104 T1134 T1140 T1562 T1568

MALWARE FAMILIES

CopperStealer

Indicators of Compromise (40)

All URL FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain

TYPE	INDICATOR	DESCRIPTION	CREATED
URL	https://pastebin.com/raw/CF8hK9Rb	—	2022-06-23
FileHash-MD5	04bc575585d4663f227cef14a65bea26	MD5 of d2632e36aeaa4204b4717fef742288773318674b1c692ae901289bdfd12ff053	2022-06-23
FileHash-MD5	17eeaaeed9dfd3489dddd0a81a2c9bac	MD5 of be456eba2a81ff1bf02f2509a7d43b6b950d3a5bbc129f920361077a4df754c1	2022-06-23
FileHash-MD5	50d29ce69146091276ee2b94a8fc716a	MD5 of 2a4ce819f0b77536614b510686365eaaf3505a084e52be940fb01e89e83b3716	2022-06-23
FileHash-MD5	5b0fac3d898b57cce8163e3f489997a0	MD5 of d2effe218ef9e9717c897494a8be0f217dd14dbd7f70b24d407a94bd86c1eb79	2022-06-23
FileHash-MD5	9d697541bda140b5ec2322fadc8210e9	MD5 of 6f1d27239e189ae0d759ad1ad82a72acf3bd531d4686f9f2afe0a13305fb5b81	2022-06-23
FileHash-MD5	aeaa73ca932e62719ec0239ba6a23bab	MD5 of 281d3a8cb18df039b0f94ecd86b7bfc6226f582c0ca529e0fa0eed24e875e676	2022-06-23
FileHash-MD5	d4bee0374cd3b9252e8a61c3ea4a0031	MD5 of 3770ca41453a14f0c7f256618bae59f7bef2e7a8481ab3959865a1f5164abb9b	2022-06-23
FileHash-MD5	de31f005387e591edc03fdaf54cfd9fc	MD5 of 5ece82f9bfb5f65c82e954ec7375479f4fd81cc743ce561c21eff045726f6e61	2022-06-23
FileHash-SHA1	06206820a4f11dc89ccd6adbbc7cca8fe47f924d	SHA1 of d2effe218ef9e9717c897494a8be0f217dd14dbd7f70b24d407a94bd86c1eb79	2022-06-23
FileHash-SHA1	0a78b1abb88ed28ae53e229a2121f85c6f9252ee	SHA1 of 5ece82f9bfb5f65c82e954ec7375479f4fd81cc743ce561c21eff045726f6e61	2022-06-23
FileHash-SHA1	2460cb3fe60330dd56d6504f99ef5d0f897f247e	SHA1 of 3770ca41453a14f0c7f256618bae59f7bef2e7a8481ab3959865a1f5164abb9b	2022-06-23
FileHash-SHA1	57235c6e09d0c2e6de2c13d6138b96a029197fda	SHA1 of 2a4ce819f0b77536614b510686365eaaf3505a084e52be940fb01e89e83b3716	2022-06-23
FileHash-SHA1	62ef7228309de81ee7dfe3a4402ecfbab09b6ad4	SHA1 of be456eba2a81ff1bf02f2509a7d43b6b950d3a5bbc129f920361077a4df754c1	2022-06-23
FileHash-SHA1	c3214e9612cf52c1da3349b7767b7e621ab383af	SHA1 of 281d3a8cb18df039b0f94ecd86b7bfc6226f582c0ca529e0fa0eed24e875e676	2022-06-23
FileHash-SHA1	c57f2b7e8265761418e63470e169e508158a252a	SHA1 of 6f1d27239e189ae0d759ad1ad82a72acf3bd531d4686f9f2afe0a13305fb5b81	2022-06-23
FileHash-SHA1	cec6879abd9fb79b88edba802dc06f9bd73bf9c9	SHA1 of d2632e36aeaa4204b4717fef742288773318674b1c692ae901289bdfd12ff053	2022-06-23
FileHash-SHA256	1a2611d1579a47129483745f1867cee41c87d9394aec2d2c7120717c1e932d8a	—	2022-06-23
FileHash-SHA256	1f0b37c31226f2bb50c61bc028248963df6a7ec4124d55d7e9bcafa3e0d24cf7	—	2022-06-23
FileHash-SHA256	281d3a8cb18df039b0f94ecd86b7bfc6226f582c0ca529e0fa0eed24e875e676	—	2022-06-23
FileHash-SHA256	2a4ce819f0b77536614b510686365eaaf3505a084e52be940fb01e89e83b3716	—	2022-06-23
FileHash-SHA256	3770ca41453a14f0c7f256618bae59f7bef2e7a8481ab3959865a1f5164abb9b	—	2022-06-23
FileHash-SHA256	416c1bfe526401775cb7ba3d72dcf3b8f076e2be32fb3590004ce21d1e72efe9	—	2022-06-23
FileHash-SHA256	5ece82f9bfb5f65c82e954ec7375479f4fd81cc743ce561c21eff045726f6e61	—	2022-06-23
FileHash-SHA256	63f6ac5da32d2b58776f43bfa494c5d851210d61a53b4df313e808ba40ce71e8	—	2022-06-23
FileHash-SHA256	67c7123df075ad1cc57add82757871572a7242e6d05b1c6797c9fddd6fc2e851	—	2022-06-23
FileHash-SHA256	6f1d27239e189ae0d759ad1ad82a72acf3bd531d4686f9f2afe0a13305fb5b81	—	2022-06-23
FileHash-SHA256	a23737d387313b4a1f68967af10b1e38169681cce6214f0a96b0ad6ecaab360d	—	2022-06-23
FileHash-SHA256	b5cd2873be627097f77fe8821914af16f4a748dc52d66e709f5b54d5c9ff9b41	—	2022-06-23
FileHash-SHA256	bbbc5ac3a559feeb1b095d187f5efeb3969a03b5f5f3eccfe9006b5baaac7c56	—	2022-06-23
FileHash-SHA256	be456eba2a81ff1bf02f2509a7d43b6b950d3a5bbc129f920361077a4df754c1	—	2022-06-23
FileHash-SHA256	d2632e36aeaa4204b4717fef742288773318674b1c692ae901289bdfd12ff053	—	2022-06-23
FileHash-SHA256	d2effe218ef9e9717c897494a8be0f217dd14dbd7f70b24d407a94bd86c1eb79	—	2022-06-23
FileHash-SHA256	e69026db820b4aecb17d98bf3cb9f40b78758232a5b45b5b7ba84850bd9f9ec5	—	2022-06-23
FileHash-SHA256	ed4439c85248c5b0c11a9c32cf693c47d18ff25f8e199a89496a15ede73689c1	—	2022-06-23
domain	cloud23.xyz	—	2022-06-23
domain	cloud25.xyz	—	2022-06-23
domain	crackedfine.com	—	2022-06-23
domain	fakeloveinc.com	—	2022-06-23
domain	productkeycrack.com	—	2022-06-23

References (1)

↗ https://www.trendmicro.com/en_us/research/22/f/websites-hosting-fake-cracks-spread-updated-copperstealer.html