Fake Cryptocurrency Applications Serving as Front for AppleJeus Malware
In February 2021, CISA published an advisory concerning the AppleJeus malware. The advisory describes the variants observed from 2018 to 2021. Volexity has identified a similar campaign taking place between June and October 2022 using new variants of AppleJeus. The campaign from June 2022 follows the same broad pattern as the one described by CISA: a cryptocurrency application packaged in a malicious MSI file.
Indicators of Compromise (44)