CopperStealer Malware Infects Systems to Gather Sensitive Info via Websites Hosting Fake Software
Researchers noticed a new version of the CopperStealer malware infecting systems via websites hosting fake software. They examined this new version, which reuses parts of the code related to a previous campaign.
Similarities with earlier versions
The following similarities with earlier versions were observed:
- The same cryptor
- Use of Data Encryption Standard (DES) with the same key
- The same name of the DLL export function (for later versions of CopperStealer)
- Data exfiltration to a Telegram channel (for later versions of CopperStealer)
- Use of the executable utility MiniThunderPlatform
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
TrojanSpy
Indicators of Compromise (57)