Fake Google Chrome Update — Indicators of compromise

Samples

All hashes are SHA1

Installers

e6cb3c408f8daee38f3a3b52d7412d4dc530d992: Critical_Update.exe
59d10a99e13c4a31f7bcc475a602441e97e2327c: Update.exe

Trojan.MulDrop

386f81a943eb2a966ba4670141f67c4e5f3bbad5: updatechrome.exe
853db4ad0ea9039c03cb9213f016bef5a30539b5: updatelink.exe
2638e6c0ce439d0e76aac2048bccc1129d353153: updatemsi.exe

Backdoor.TeamViewer

0a9500fb3da39f5fc9c2e9af8f70169dbd0bc208: msi.dll

PowerShell.AVKill

2fd1dd9b77fb8db5cba554f7a706b3a64516a249: link.bat

Network indicators

Bitbucket repositories

https://bitbucket.org/wellsbe/

Domains

traficbouncer.xyz
traficbouncerbackup.xyz
google.chrome.get-update.online

IPs

192.161.167.144