← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
New OpcJacker Malware Distributed via Fake VPN Malvertising
WHITE Tr1sa111 2023-05-31 Modified: 2023-05-31
311
IOCs
HIGH VOLUME
opcjackerratinfostealercryptocurrencies
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
OpcJacker
Indicators of Compromise (17 / 311 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
URL http://185.163.45.36:5051 2023-05-31
URL http://206.188.197.199:443 2023-05-31
URL http://94.158.244.118:1203 2023-05-31
URL http://alle13net1.com:5511 2023-05-31
URL http://alle13net2.com:5511 2023-05-31
URL http://comes1.com:1255 2023-05-31
URL http://comes2.com:1255 2023-05-31
URL http://gattri1.com:5256 2023-05-31
URL http://gattri2.com:5256 2023-05-31
URL http://manigiajabae32.com:2006 2023-05-31
URL http://manigiajabae35.com:2006 2023-05-31
URL http://neskrab1.com:1133 2023-05-31
URL http://neskrab2.com:1133 2023-05-31
URL http://she32rn1.com:5511 2023-05-31
URL http://she32rn2.com:5511 2023-05-31
URL http://uzurtela1.com:3961 2023-05-31
URL http://uzurtela42.com:3961 2023-05-31
References (2)
↗ https://www.trendmicro.com/en_us/research/23/c/new-opcjacker-malware-distributed-via-fake-vpn-malvertising.html ↗ https://www.trendmicro.com/content/dam/trendmicro/global/en/research/23/c/new-opcjacker-malware-distributed-via-fake-vpn-malvertising/ioc-new-opcJacker-malware-distributed-via-fake-vpn-malvertising.txt