New MetaStealer malvertising campaigns [Thursday, December 21, 2023]

Description :
MetaStealer, a prominent malware that emerged in 2022, is derived from the RedLine code base and is highly sought after in criminal circles for its stealing capabilities. Recent observations show threat actors using malspam and malicious ads to distribute MetaStealer, and the malware continues to evolve: its authors have announced plans for a new and enhanced version in December.

Published : 2023-12-21 16:37:59
Created : 2023-12-21 16:37:59
Modified : 2023-12-21 17:04:19

Indicators

URLs :
  • http://rawnotepad.com/notepad++.zip
  • http://startworkremotely.com/Anydesk.zip

About the author
Julien B.