← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
New PXA Stealer targets government and education sectors for sensitive information
WHITE CoralRaider tr2222200 2024-11-21 Modified: 2024-11-21
30
IOCs
MEDIUM VOLUME
top storylanding page top storystealerthreat spotlightpxa stealersystemdiscordfacebookcisco securepython programtelegram bottvdseopathcompressionpythonpowershellloneminiimportnextlocalmercurydesktopumbrellacoralraiderthreatjavascriptpxa
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
JavaScript PXA
Indicators of Compromise (15 / 30 total)
All domain FileHash-SHA256 FileHash-MD5 FileHash-SHA1 URL
TYPEINDICATORDESCRIPTIONCREATED
URL http://tvdseo.com/file/Adonis/AdFnis_Bot 2024-11-21
URL http://tvdseo.com/file/Adonis/Adonis_Bot 2024-11-21
URL http://tvdseo.com/file/Adonis/Adonis_Bot0 2024-11-21
URL http://tvdseo.com/file/Adonis/Adonis_XW_ENC 2024-11-21
URL http://tvdseo.com/file/PXA/Cookie_Ext.zip 2024-11-21
URL http://tvdseo.com/file/PXA/PXA_BOT 2024-11-21
URL http://tvdseo.com/file/PXA/PXA_PURE_ENC 2024-11-21
URL http://tvdseo.com/file/STC/Cookie_Ext.zip 2024-11-21
URL http://tvdseo.com/file/STC/STC_BOT 2024-11-21
URL http://tvdseo.com/file/STC/STC_OTO 2024-11-21
URL http://tvdseo.com/file/STC/STC_PUP 2024-11-21
URL http://tvdseo.com/file/STC/STC_PURE.b64 2024-11-21
URL http://tvdseo.com/file/STC/STC_PURE_ENC 2024-11-21
URL http://tvdseo.com/file/STC/STC_XW_ENC 2024-11-21
URL http://tvdseo.com/file/synaptics.zip 2024-11-21
References (2)
↗ https://blog.talosintelligence.com/new-pxa-stealer/ ↗ new-pxa-stealer.txt