← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
CryptoClippy Speaks Portuguese
WHITE Cryptocurrency CyberHunter_NL 2023-04-06 Modified: 2023-05-06
37
IOCs
MEDIUM VOLUME
A malware campaign targeting Portuguese speakers aims to steal cryptocurrency from legitimate users' wallets, according to Palo Alto Networks Unit 42 Managed Threat Hunting, which has recently discovered a new variant of the malware.
cryptocurrencycryptoclippyfigureexe fileunitwhatsapp weblnk fileethereumethereum walletpalo altostagepowershellvirustotalgeneratoralliancesmokeloaderminer
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
CryptoClippy
Indicators of Compromise (17 / 37 total)
All URL BitcoinAddress FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 096983764a75f1c0bab73dd2dea8b1e035ec1a03399fab97c71349a26856b759 2023-04-06
FileHash-SHA256 15f9645e5621e87c96aa6c3497dde36ba83ec80d5f8f43c7cd809e8a636444e5 2023-04-06
FileHash-SHA256 2cff03f9efdaf52626bd1b451d700605dc1ea000c5da56bd0fc59f8f43071040 2023-04-06
FileHash-SHA256 32c9ddcc694ee6c5a38456c4c3e1b433840a18e384e59d63a5d825428abf036b 2023-04-06
FileHash-SHA256 498b55ff3967cabdd175c5ec11ef39a060ebded0f104575f2ef7ecb88fa9e9f1 2023-04-06
FileHash-SHA256 5a1ce64e4fa19531a3222554bbe99aa6aeadb639d51b2a308648cb6e0fa55c05 2023-04-06
FileHash-SHA256 75aa93e997427c55cc1cbe44d271da1971b7fdafcf85dc6cf69491c2e5931f1d 2023-04-06
FileHash-SHA256 766d25d37210ddc3f1afa84e597b3acdbf6dfb0917451f4a344ca5e570adb063 2023-04-06
FileHash-SHA256 7c3e9b05dcd5588c26e07d149af3c897c8879804eff1c3e2616c3dd1fcad65fe 2023-04-06
FileHash-SHA256 7db350f9ec3adb2b7f9a3e9e58c69112b5a7e2ed0337a1c4ac55c9a993116f5c 2023-04-06
FileHash-SHA256 89d7c8c7846068c4f618f80d18944f2fcf47cbebe7390d73c1f16ef0ed48d90b 2023-04-06
FileHash-SHA256 9e19b108f786bf33b58a9efb823619c2aab23107780ceae0baa2d8da19475eb2 2023-04-06
FileHash-SHA256 b6ab39b49d7d5752dbdade697a76e96d518b1b2df00c344772782c8f5950361e 2023-04-06
FileHash-SHA256 c6c486800bcc9d935931c2c6fbde031942d288a124a60beb1e5d38949105b2ad 2023-04-06
FileHash-SHA256 c88c98930181b6038a0565d9bc08ece16995ecbb01821eee6c5dd3772db694f8 2023-04-06
FileHash-SHA256 f00ac1a50c39a4781f8f614205672bc72d55823b39c20bccffa3ba244fa74693 2023-04-06
FileHash-SHA256 f22683e9d2a6e72b3149ef1f26392a1e080ae5f2f004543f2a45732eb78d1e98 2023-04-06
References (1)
↗ https://unit42.paloaltonetworks.com/crypto-clipper-targets-portuguese-speakers/