← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
“EtherHiding” — Hiding Web2 Malicious Code in Web3 Smart Contracts
“EtherHiding” presents a novel twist on serving malicious code by utilizing Binance’s Smart Chain contracts to host parts of a malicious code chain in what is the next level of Bullet-Proof Hosting.
Over the last two months, leveraging a vast array of hijacked WordPress sites, this threat actor has misled users into downloading malicious fake “browser updates”.
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
ClearFake
Indicators of Compromise (51)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-MD5 | 5225371f32a1ba8a5daa8f14ce64e8bf | MD5 of 1743f4a392b6d2ad0d47a7a57e277e1a29ecf459275b604919a6131739afdaad | 2023-10-16 | |
| FileHash-MD5 | a3fec32282873b302adaeef78c085aee | MD5 of 8ba53b5d773bc157df65fb0941c24e1edbc7c7b47e37b3f7a01751fc3b1a701a | 2023-10-16 | |
| FileHash-MD5 | a655b9c347ce862da682883508be4880 | MD5 of 3d77b34ba6dbb49d594e2be590a87f682e1875d2565ff18bdeafc66c9d5594ea | 2023-10-16 | |
| FileHash-MD5 | f1c9c05e648e58b6bef8dada7654a88e | MD5 of 1a99ac759fcd881729b76c2904476b4201e794df2d0547c954ea37be7c153131 | 2023-10-16 | |
| FileHash-SHA1 | 51e14be2940ae38c6428bf33bb8a9a08ae36ec69 | SHA1 of 1a99ac759fcd881729b76c2904476b4201e794df2d0547c954ea37be7c153131 | 2023-10-16 | |
| FileHash-SHA1 | 8f9221f0fd7c5cfe50f12337b5ce35f4c07c6e3e | SHA1 of 1743f4a392b6d2ad0d47a7a57e277e1a29ecf459275b604919a6131739afdaad | 2023-10-16 | |
| FileHash-SHA1 | df5c2d7162265c4080d88b47eb0aa2f42e398570 | SHA1 of 8ba53b5d773bc157df65fb0941c24e1edbc7c7b47e37b3f7a01751fc3b1a701a | 2023-10-16 | |
| FileHash-SHA1 | fd3e63a78fd4724600b9429edc605cebf90a5947 | SHA1 of 3d77b34ba6dbb49d594e2be590a87f682e1875d2565ff18bdeafc66c9d5594ea | 2023-10-16 | |
| FileHash-SHA256 | 1743f4a392b6d2ad0d47a7a57e277e1a29ecf459275b604919a6131739afdaad | — | 2023-10-16 | |
| FileHash-SHA256 | 1a99ac759fcd881729b76c2904476b4201e794df2d0547c954ea37be7c153131 | — | 2023-10-16 | |
| FileHash-SHA256 | 2ab315537510fc91d73825d0d6661e9f4b141799877e2f5159892886265f362e | — | 2023-10-16 | |
| FileHash-SHA256 | 37bba90d20e429ce3fd56847e4e7aaf83c62fdd70a7dbdcd35b6f2569d47d533 | — | 2023-10-16 | |
| FileHash-SHA256 | 3d77b34ba6dbb49d594e2be590a87f682e1875d2565ff18bdeafc66c9d5594ea | — | 2023-10-16 | |
| FileHash-SHA256 | 3db1afee107cf2fa57d13e60c13c87dd1c22bfa9ef23dcf369d52dd9807a5ff4 | — | 2023-10-16 | |
| FileHash-SHA256 | 633124ed8d7af6dd22722ee43abfe9b0ad97798a1d48b951abdc1ad88e83c702 | — | 2023-10-16 | |
| FileHash-SHA256 | 788567d3cc693dd5d0dada9f4e1421755c1d74257544ba12b502f085a620585e | — | 2023-10-16 | |
| FileHash-SHA256 | 80f05865e59ec4e12e504adbf5fae3d706b5d27e5ab2fc52fcd0feb19365c7b0 | — | 2023-10-16 | |
| FileHash-SHA256 | 8ba53b5d773bc157df65fb0941c24e1edbc7c7b47e37b3f7a01751fc3b1a701a | — | 2023-10-16 | |
| FileHash-SHA256 | b029b40badab029cbd916ab2e5147e9f01abd147e1bf9e5ed1564ee44a0d087f | — | 2023-10-16 | |
| FileHash-SHA256 | d0c56875fb19a407a86292e35dffec6caabbdbf630fbb79de4eec04708fa7b66 | — | 2023-10-16 | |
| FileHash-SHA256 | e041b3eaaed1c0ad37e7f91717ee5b0e12e922b67bbe1e69a4c68c80baf22b4f | — | 2023-10-16 | |
| URL | https://921hapudyqwdvy.com/vvmd54/ | — | 2023-10-16 | |
| domain | 921hapudyqwdvy.com | — | 2023-10-16 | |
| domain | 98ygdjhdvuhj.com | — | 2023-10-16 | |
| domain | boiibzqmk12j.com | — | 2023-10-16 | |
| domain | bookchrono8273.com | — | 2023-10-16 | |
| domain | bpjoieohzmhegwegmmuew.online | — | 2023-10-16 | |
| domain | cczqyvuy812jdy.com | — | 2023-10-16 | |
| domain | indogevro22tevra.com | — | 2023-10-16 | |
| domain | ioiubby73b1n.com | — | 2023-10-16 | |
| domain | kjniuby621edoo.com | — | 2023-10-16 | |
| domain | lminoeubybyvq.com | — | 2023-10-16 | |
| domain | nbvyrxry216vy.com | — | 2023-10-16 | |
| domain | nmbvcxzasedrt.com | — | 2023-10-16 | |
| domain | oekofkkfkoeefkefbnhgtrq.space | — | 2023-10-16 | |
| domain | oiouhvtybh291.com | — | 2023-10-16 | |
| domain | oiuugyfytvgb22h.com | — | 2023-10-16 | |
| domain | oiuytyfvq621mb.org | — | 2023-10-16 | |
| domain | ojhggnfbcy62.com | — | 2023-10-16 | |
| domain | opkfijuifbuyynyny.com | — | 2023-10-16 | |
| domain | pklkknj89bygvczvi.com | — | 2023-10-16 | |
| domain | poqwjoemqzmemzgqegzqzf.online | — | 2023-10-16 | |
| domain | pwwqkppwqkezqer.site | — | 2023-10-16 | |
| domain | reedx51mut.com | — | 2023-10-16 | |
| domain | sioaiuhsdguywqgyuhuiqw.org | — | 2023-10-16 | |
| domain | ug62r67uiijo2.com | — | 2023-10-16 | |
| domain | vcrwtttywuuidqioppn1.com | — | 2023-10-16 | |
| domain | vvooowkdqddcqcqcdqggggl.site | — | 2023-10-16 | |
| domain | ytntf5hvtn2vgcxxq.com | — | 2023-10-16 | |
| domain | zasexdrc13ftvg.com | — | 2023-10-16 | |
| domain | ziucsugcbfyfbyccbasy.com | — | 2023-10-16 |