← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
CoolClient Updates to Deploy Browser Login Data Stealer
The CoolClient malware is distributed through DLL sideloading, leveraging legitimate signed executables to load malicious DLLs and evade security detection. This technique allows the attackers to establish persistence while appearing as trusted software activity on the compromised system.
Indicators of Compromise (22)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-MD5 | 1a5a9c013ce1b65abc75d809a25d36a7 | — | 2026-01-29 | |
| FileHash-MD5 | 1a61564841bbbb8e7774cbbeb3c68d5d | — | 2026-01-29 | |
| FileHash-MD5 | 1bc5329969e6bf8ef2e9e49aab003f0b | — | 2026-01-29 | |
| FileHash-MD5 | 6b7300a8b3f4aac40eeecfd7bc47ee7c | — | 2026-01-29 | |
| FileHash-MD5 | 7aa53ba3e3f8b0453ffcfba06347ab34 | — | 2026-01-29 | |
| FileHash-MD5 | 838b591722512368f81298c313e37412 | — | 2026-01-29 | |
| FileHash-MD5 | a1cd59f769e9e5f6a040429847ca6eae | — | 2026-01-29 | |
| FileHash-MD5 | a4d7147f0b1ca737bfc133349841aaba | — | 2026-01-29 | |
| FileHash-MD5 | aeb25c9a286ee4c25ca55b72a42efa2c | — | 2026-01-29 | |
| FileHash-MD5 | c19bd9e6f649df1df385deef94e0e8c4 | — | 2026-01-29 | |
| FileHash-MD5 | da6f89f15094fd3f74ba186954be6b05 | — | 2026-01-29 | |
| FileHash-MD5 | e1b7ef0f3ac0a0a64f86e220f362b149 | — | 2026-01-29 | |
| FileHash-MD5 | f518d8e5fe70d9090f6280c68a95998f | — | 2026-01-29 | |
| FileHash-SHA1 | 78cee623d06696ee31b25aa4e1b07c5724b1f7b7 | SHA1 of e1b7ef0f3ac0a0a64f86e220f362b149 | 2026-01-29 | |
| FileHash-SHA1 | 83162af628c523c7800f28e6d0ec2a2405ea1c1c | SHA1 of 1a61564841bbbb8e7774cbbeb3c68d5d | 2026-01-29 | |
| FileHash-SHA1 | dfa6f86f2646b202e4d5ff64d5843a44a0662414 | SHA1 of aeb25c9a286ee4c25ca55b72a42efa2c | 2026-01-29 | |
| FileHash-SHA256 | 04c8584fdf34ad59192809c8934c6aef0617fef4faf5ad918da68576d9733af9 | SHA256 of aeb25c9a286ee4c25ca55b72a42efa2c | 2026-01-29 | |
| FileHash-SHA256 | 8c410fc956149cb88d3a7a1bf92d065bf916296ff63065785a1dc1b8045af40a | SHA256 of 1a61564841bbbb8e7774cbbeb3c68d5d | 2026-01-29 | |
| FileHash-SHA256 | 941993f885957176d75f24ef3f8935ecb589bb9b445bb0d71fb18b65e61b6ee4 | SHA256 of e1b7ef0f3ac0a0a64f86e220f362b149 | 2026-01-29 | |
| domain | popnike-share.com | — | 2026-01-29 | |
| hostname | account.hamsterxnxx.com | — | 2026-01-29 | |
| hostname | japan.lenovoappstore.com | — | 2026-01-29 |