← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Amatera Stealer
WHITE carlosxr7 2026-05-01 Modified: 2026-05-31
296
IOCs
HIGH VOLUME
Amatera Stealer, un infostealer evolucionado de ACR Stealer que se comercializa como Malware-as-a-Service (MaaS).
ibm xforcevirustotala1b1amatera stealeracr stealerfeedlyinstallfixdominio c2stealeramateraroboautorcopypowershelldailyxforcephishingacr
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
ACR Amatera
Indicators of Compromise (39 / 296 total)
All CVE FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 006fd0a434e7230f82c90342177d08de MD5 of 8fc16b78b93594da17f958aecb690a8b39cdeabb63639887aa65a82038b0639c 2026-05-01
FileHash-MD5 00d14e8fc7db5dbbc1d1266a2efd4278 MD5 of 00b84eae83e4cd6165255247026c702c2c88f5cea8a1032187c2b842dc54095d 2026-05-01
FileHash-MD5 022611e6ffcb30ae62a27c5009d528d7 MD5 of 006f0054609064c00d3d217ee37f924b4cf8c4fabde362408cdec1446d719913 2026-05-01
FileHash-MD5 05331a950a290196055217ca0a055f74 MD5 of 9560b4aaff3989b986697e642528601e821f306b7b4161131b5bf5bdf83786d0 2026-05-01
FileHash-MD5 0a0564432ff77a21742e0eb6ab13924d MD5 of c0709c02d27a88b78939bc422e738af70b1455580a5ef7f3169b2868ecdd584a 2026-05-01
FileHash-MD5 0b5727f4cd014566ecc357deea4d64b3 MD5 of 917c89e14b81f4d2f76ae245974d5b6bc596cccee6be901ce8c5840e73ea1c63 2026-05-01
FileHash-MD5 0fb026b6f19d00fa44486032bb87867a MD5 of 8721d3af5d2d01dc76d8102716dd6bc4271284a7682df46f10b6aacfd5b2cd48 2026-05-01
FileHash-MD5 11b67dfd05888a12e70e6f5d45b85841 MD5 of 8d3634a77504cb0eee0f0f853bebaeb501a8147e104eb0f381a93b497272e34f 2026-05-01
FileHash-MD5 1b4a67d5fc078f87ab5574c970c297f4 MD5 of 120316ecaf06b76a564ce42e11f7074c52df6d79b85d3526c5b4e9f362d2f1c2 2026-05-01
FileHash-MD5 1e298af0262ab4cd6529cf59dd332eb2 MD5 of b9ff92917225778b82c30587d5559628f0ab14c359bd2b6ae4981ff262480fc8 2026-05-01
FileHash-MD5 2841de56953ee5465548f60212164644 MD5 of e102e3fc64fd8e6e688dfab60761c3cbb3e5b7b9127000c5136a0063b28deadc 2026-05-01
FileHash-MD5 287017a2a887e4208a6ea9d88dcfee06 MD5 of 7f9700249874f38f183556f8028b2d59aaa20fa0cb03a427772507eb480ca103 2026-05-01
FileHash-MD5 2a77c5aba18ba74c571ea2bb714a6e4f MD5 of 64bc219bca2e3a4426199b2cf54aba7df8ea53f8a0ed04364aae9a654e96efe1 2026-05-01
FileHash-MD5 301eaf74375c407f150967624ef38e4b MD5 of 3e99b0f5eb750b818e55f23a6f1fcf8213e7ed3ac850529ade7e6fa6b7afe0e2 2026-05-01
FileHash-MD5 3c7c9f371d3b5f0e46061dd277626989 MD5 of 4a0591336c7df9c61ed2656ac8d943cbc5b9a1375d83723e1cc9e3c71dd9a01c 2026-05-01
FileHash-MD5 4c479fa00f576474a2132a7ce06b6020 MD5 of 83b63027f77ccc7d1cdfd22ff160a20ff129ef660fb86af5839a675290c73181 2026-05-01
FileHash-MD5 4d90a9dfa4c3f8ed44b8107adadc4d92 MD5 of fcd37d51ca9d72e7a38df466a2495e7cc4478e820f0d6953fb617bfe31142449 2026-05-01
FileHash-MD5 5085ae605999d07fcebe1fffe8dcfbe0 MD5 of 4ad9fd2b5519c521765a80f3411f825adcd38409ba6cfefd595873c9c6db92c3 2026-05-01
FileHash-MD5 520996acba0096dc4210d43000739e10 MD5 of 16dd58a3c2fc840fa00de80ea9dd0524ba2f02943ce049de2898598285cc9541 2026-05-01
FileHash-MD5 57b84ef53c3f3ca1d7172b386c05d060 MD5 of f49e6edb57d0b4f4dd37cf695ab54a35af2b016ab6bae2e555be22a7141cde55 2026-05-01
FileHash-MD5 5ccfe4f5f3b4398c19e42aaeff7b872b MD5 of fe65744e7490a23a0dc2ee6914184fbbc0e0f9815a285928a5b803de59959c85 2026-05-01
FileHash-MD5 5f157b3bf99f54b5abafec8c99b9a3d6 MD5 of 93996926637363d89936b9c878c11e0c5289c8aadecd07cbd7475e7caab83595 2026-05-01
FileHash-MD5 65b30a21271f71b1ff87f682791fc0a4 MD5 of a7987ec4361b890bc4248964b5b3cb79a3dcdb1e0044df5377a335bbee351857 2026-05-01
FileHash-MD5 7d5cb34c423588c81f5cb7cbc66aa347 MD5 of 2428bd931dde4d818437ff9e12197bdbb4a5c0548bc7c068bb732c7bc4847554 2026-05-01
FileHash-MD5 7f7f18c336b6096faa8a1aa2c7374007 MD5 of 0cec3100b84f95dfb1e856390cf41809b653812fd4d51025517ba11b167442fa 2026-05-01
FileHash-MD5 8583e9f9a9a5a3c3b6e2dbd6dc10984c MD5 of 809be9b70095f131db8a41629bd079424975668ef78fb75297d4e8251907d70c 2026-05-01
FileHash-MD5 982c9cdb6b72319c7093324a9e6396dd MD5 of bbd76bcc6023e877ba553fe54cd072bed8ad483ce2fc778417600df0c05701a0 2026-05-01
FileHash-MD5 9c5d0eb814808ba7603a630aae101654 MD5 of f7131fc0267d5e0eae0b00ee05eb221351910114d1794c30997a5e45e24059ef 2026-05-01
FileHash-MD5 9ff73e8dd816194485a90730315ef5b3 MD5 of 1f2791dcde3845bff10d8b5612e8ee788a64d2f754a00707c85d37b0ffe6d2cc 2026-05-01
FileHash-MD5 ac1abbf457d3e17053a231788791232a MD5 of 4afa12e92cb5cfa1ce31dc3679576b3dd70cb0c14c0fa5105c09612b6c515bf4 2026-05-01
FileHash-MD5 b753c3b2755668c04f0726775c5411a9 MD5 of e4a1b01b2a76ef02a2f6ea32275eeee4f44b867d2d5768bf89f870cbfacfa47e 2026-05-01
FileHash-MD5 c482a9dd8cc66d1b95b424a270205e8c MD5 of bc55d60466f7d1a03e4002759aa95cae2bd08cf9c0685f2f822ebcc8956569b2 2026-05-01
FileHash-MD5 cb89dd52f8112ef356711a1766b7fcdf MD5 of 43125fdc0fbdd0612b985f03298b7bd505f3f286ce2958d83e5d4bc5f46da870 2026-05-01
FileHash-MD5 ce883cde023ee1c3fa38e263254d17e7 MD5 of a54be7b1aefe64427a8a60ad27d2d6a2a2f862c3c3598f05593ef6c44d37a47c 2026-05-01
FileHash-MD5 d174e6efd153be5f029d78ebd1138c9b MD5 of 68f9e86795c5dd817dec72f776ea0162a8c4a9cef26b54843fac00c101158ba1 2026-05-01
FileHash-MD5 de07e3ab87e46ac0b9a75687e5c61db6 MD5 of 532c9bc2e30150bef61a050386509dd5f3c152688898f6be616393f10b9262d3 2026-05-01
FileHash-MD5 e7f6096840fe51cfe1eb6234d63843b5 MD5 of 59202cb766c3034c308728c2e5770a0d074faa110ea981aa88f570eb402540d2 2026-05-01
FileHash-MD5 ebc5d20c8580127e6b8f35f733224cb4 MD5 of 0111ffb0dab4bdef8c8788e4ce6ad4fc071b9f7b1f3affb7ead8d5df9582f34f 2026-05-01
FileHash-MD5 f52c99c24f704788b8036f1ead587991 2026-05-01
References (5)
↗ https://lacrimae0rerum.github.io/CorvusDossiers/reports/claude-amatera-campaign/informe_estrategico.html ↗ https://exchange.xforce.ibmcloud.com/report/details/guid:f52c99c24f704788b8036f1ead587991 ↗ https://www.esecurityplanet.com/artificial-intelligence/fake-claude-code-install-pages-spread-infostealer-malware/ ↗ https://securityonline.info/the-vibe-coding-trap-fake-claude-code-installers-unleash-amatera-malware-via-search-ads/ ↗ https://cybersecuritynews.com/claude-code-vulnerabilities/