ParaSiteSnatcher: How Malicious Chrome Extensions Target Brazil [Friday, November 24, 2023]

Description :
The ParaSiteSnatcher framework allows threat actors to monitor, manipulate, and exfiltrate highly sensitive information from multiple sources. ParaSiteSnatcher also utilizes the powerful Chrome Browser API to intercept and exfiltrate all POST requests containing sensitive account and financial information before the HTTP request initiates a transmission control protocol (TCP) connection.

Published :
2023-11-24T10:42:04.696Z

Created :
2023-11-24T10:42:04.696Z

Modified :
2023-11-24T10:59:44.707Z

Tags

  • stealer
  • malicious chrome extension
  • parasitesnatcher

Indicators

URLs :
Domains :
  • nonbrowm.com
  • mnksystem.online
  • webgoalarm.online
  • backmnk.online
Hashes :
Attack Patterns :
  • T1555.003
  • T1176
  • T1027
  • T1140
  • T1041

About the author
Julien B.

Securitricks
