← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
CoolClient Updates to Deploy Browser Login Data Stealer
The CoolClient malware is distributed through DLL sideloading, leveraging legitimate signed executables to load malicious DLLs and evade security detection. This technique allows the attackers to establish persistence while appearing as trusted software activity on the compromised system.
Indicators of Compromise (13 / 22 total)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-MD5 | 1a5a9c013ce1b65abc75d809a25d36a7 | — | 2026-01-29 | |
| FileHash-MD5 | 1a61564841bbbb8e7774cbbeb3c68d5d | — | 2026-01-29 | |
| FileHash-MD5 | 1bc5329969e6bf8ef2e9e49aab003f0b | — | 2026-01-29 | |
| FileHash-MD5 | 6b7300a8b3f4aac40eeecfd7bc47ee7c | — | 2026-01-29 | |
| FileHash-MD5 | 7aa53ba3e3f8b0453ffcfba06347ab34 | — | 2026-01-29 | |
| FileHash-MD5 | 838b591722512368f81298c313e37412 | — | 2026-01-29 | |
| FileHash-MD5 | a1cd59f769e9e5f6a040429847ca6eae | — | 2026-01-29 | |
| FileHash-MD5 | a4d7147f0b1ca737bfc133349841aaba | — | 2026-01-29 | |
| FileHash-MD5 | aeb25c9a286ee4c25ca55b72a42efa2c | — | 2026-01-29 | |
| FileHash-MD5 | c19bd9e6f649df1df385deef94e0e8c4 | — | 2026-01-29 | |
| FileHash-MD5 | da6f89f15094fd3f74ba186954be6b05 | — | 2026-01-29 | |
| FileHash-MD5 | e1b7ef0f3ac0a0a64f86e220f362b149 | — | 2026-01-29 | |
| FileHash-MD5 | f518d8e5fe70d9090f6280c68a95998f | — | 2026-01-29 |