HackBoss: A cryptocurrency-stealing malware distributed through Telegram - Avast Threat Labs
Tags
| attack-pattern: | Malware - T1587.001 Malware - T1588.001 Scheduled Task - T1053.005 Software - T1592.002 Tool - T1588.002 Scheduled Task - T1053 |
Common Information
| Type | Value |
|---|---|
| UUID | fc703813-3ace-45d8-9f77-4320d5d8daf0 |
| Fingerprint | a52718b3bce72641 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 15, 2021, 5:54 p.m. |
| Added to db | Sept. 26, 2022, 9:33 a.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | HackBoss: A cryptocurrency-stealing malware distributed through Telegram |
| Title | HackBoss: A cryptocurrency-stealing malware distributed through Telegram - Avast Threat Labs |
| Detected Hints/Tags/Attributes | 42/1/238 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 768 | www.youtube.com |
|
| Details | Domain | 1 | cranhan.blogspot.com |
|
| Details | Domain | 77 | mega.nz |
|
| Details | Domain | 2 | bitcoapp.zip |
|
| Details | Domain | 1 | www.progs.su |
|
| Details | Domain | 1 | mega.mz |
|
| Details | Domain | 4128 | github.com |
|
| Details | Domain | 2 | benaughty.com |
|
| Details | File | 2 | bitcoapp.zip |
|
| Details | File | 2 | bitcoapp.exe |
|
| Details | File | 2 | splwow.exe |
|
| Details | File | 2 | defenderupdate.exe |
|
| Details | File | 4 | net.dll |
|
| Details | File | 1 | file_names.txt |
|
| Details | File | 249 | schtasks.exe |
|
| Details | File | 2 | airbnbcom.rar |
|
| Details | File | 2 | amazon_gift_card_gen.rar |
|
| Details | File | 2 | amex.rar |
|
| Details | File | 2 | badoo.rar |
|
| Details | File | 2 | badoo_brutechecker.rar |
|
| Details | File | 2 | bankcombain.rar |
|
| Details | File | 2 | bankcracker.rar |
|
| Details | File | 2 | banktop.rar |
|
| Details | File | 5 | com.rar |
|
| Details | File | 2 | bruteprivkey_cracker.zip |
|
| Details | File | 2 | buildbtc.rar |
|
| Details | File | 2 | builder_stealer.rar |
|
| Details | File | 4 | chase.rar |
|
| Details | File | 2 | citizens.rar |
|
| Details | File | 2 | combineba.rar |
|
| Details | File | 2 | combocreat.rar |
|
| Details | File | 2 | dating0.rar |
|
| Details | File | 2 | datingo.rar |
|
| Details | File | 2 | datingico.rar |
|
| Details | File | 2 | datingmix.rar |
|
| Details | File | 2 | checker.rar |
|
| Details | File | 2 | epay.rar |
|
| Details | File | 2 | facebook.rar |
|
| Details | File | 2 | generatorandbruteprivkeybtc.rar |
|
| Details | File | 2 | happychase.rar |
|
| Details | File | 2 | matchcheck.rar |
|
| Details | File | 2 | matchus.rar |
|
| Details | File | 2 | megaapi.rar |
|
| Details | File | 2 | ourtime.rar |
|
| Details | File | 2 | parserlink.rar |
|
| Details | File | 2 | payfast.rar |
|
| Details | File | 2 | paypal_brute_v2.rar |
|
| Details | File | 2 | paypal.rar |
|
| Details | File | 2 | poffullchecker.rar |
|
| Details | File | 2 | proxyscrape.rar |
|
| Details | File | 2 | telegramsender.rar |
|
| Details | File | 2 | visualstudiokey.rar |
|
| Details | File | 2 | wishshop.rar |
|
| Details | File | 2 | zoosk.rar |
|
| Details | File | 2 | bank_onpointcu.rar |
|
| Details | File | 2 | bank_andrewsfcu.rar |
|
| Details | File | 2 | kitco.rar |
|
| Details | File | 2 | airbnb.exe |
|
| Details | File | 2 | amazon_gift_card_gen.exe |
|
| Details | File | 2 | amex.exe |
|
| Details | File | 2 | badoo.exe |
|
| Details | File | 2 | badoo2.exe |
|
| Details | File | 2 | bank_andrewsfcu.exe |
|
| Details | File | 2 | bank_onpointcu.exe |
|
| Details | File | 2 | bankcom.exe |
|
| Details | File | 2 | bankcomb.exe |
|
| Details | File | 2 | bankcombain.exe |
|
| Details | File | 2 | bankcracker.exe |
|
| Details | File | 2 | banktop.exe |
|
| Details | File | 23 | com.exe |
|
| Details | File | 2 | bitcoinfaketransaction.exe |
|
| Details | File | 3 | brute.exe |
|
| Details | File | 2 | bruteprivkey.exe |
|
| Details | File | 2 | buildbtc.exe |
|
| Details | File | 2 | builder_stealer.exe |
|
| Details | File | 2 | chase.exe |
|
| Details | File | 2 | chime.exe |
|
| Details | File | 2 | citizens.exe |
|
| Details | File | 2 | coinoco.exe |
|
| Details | File | 2 | combine.exe |
|
| Details | File | 2 | combocreat.exe |
|
| Details | File | 4 | key.exe |
|
| Details | File | 2 | dating0.exe |
|
| Details | File | 2 | datingico.exe |
|
| Details | File | 2 | datingmix.exe |
|
| Details | File | 2 | datingo.exe |
|
| Details | File | 9 | checker.exe |
|
| Details | File | 2 | epay.exe |
|
| Details | File | 4 | facebook.exe |
|
| Details | File | 2 | generatorandbruteprivkeybtc.exe |
|
| Details | File | 2 | happychase.exe |
|
| Details | File | 2 | iamazom.exe |
|
| Details | File | 2 | ibcbank.exe |
|
| Details | File | 2 | icontrol.exe |
|
| Details | File | 2 | matchcheck.exe |
|
| Details | File | 2 | matchus.exe |
|
| Details | File | 2 | megaapi.exe |
|
| Details | File | 2 | multidating.exe |
|
| Details | File | 2 | ourtime.exe |
|
| Details | File | 2 | parserlink.exe |
|
| Details | File | 2 | payfast.exe |
|
| Details | File | 3 | paypal.exe |
|
| Details | File | 2 | pof.exe |
|
| Details | File | 2 | poffullchecker.exe |
|
| Details | File | 2 | proxyscrape.exe |
|
| Details | File | 2 | sendtelegram.exe |
|
| Details | File | 2 | smptsender.exe |
|
| Details | File | 38 | 7.exe |
|
| Details | File | 2 | visualstudiokeygen.exe |
|
| Details | File | 2 | wish.exe |
|
| Details | File | 2 | wishshop.exe |
|
| Details | File | 2 | zoosk.exe |
|
| Details | File | 4 | network.txt |
|
| Details | File | 1 | bitcoin_addresses.txt |
|
| Details | File | 1 | ethereum_addresses.txt |
|
| Details | File | 1 | litecoin_addresses.txt |
|
| Details | File | 1 | dogecoin_addresses.txt |
|
| Details | File | 1 | monero_addresses.txt |
|
| Details | Github username | 12 | avast |
|
| Details | sha256 | 2 | 4c916853ccd9e7337af557385fd5ef2e05a62f501b0cf4d7bbc3f9153d206350 |
|
| Details | sha256 | 2 | 50d6a87fb43c486d4171dae91a2897a8652abc27d9067418ed48a2ae725ad5fe |
|
| Details | sha256 | 2 | 59f9ae970ffa26e31a8131a047c5c1415a1eb17b4bca76095282ca146932c61b |
|
| Details | sha256 | 2 | 65ac1ab8c60ec8bdd45f59ae07103e218a7c307afdd2ba92e3f687100914399a |
|
| Details | sha256 | 2 | dfb9acd09e1303baade8c6d71e96489486f4b0471dfb42ea759e09919b717c6f |
|
| Details | sha256 | 2 | 2771ddf380b065f4887f4df271dbb5ecaeac845efe817d55676d41f09be81c78 |
|
| Details | sha256 | 2 | 8be15479f95785054f28f65fe9898c7cec8daf29e14f737172e85c1dc3ddd15f |
|
| Details | sha256 | 2 | e32a4f828c556ab385a2bf66589bf8854ea9f370c5dfdd0e605911e8caaab73e |
|
| Details | sha256 | 2 | 26e17367a3276321cbd553a194a296b6a53ec5c107eed26c12f6a66d2bf8a1e6 |
|
| Details | sha256 | 2 | 1772628df187d1ea56f2d0fce1b257f2e19db1c03416f1c22fdf0841bba2ba6e |
|
| Details | sha256 | 2 | dda2a8ee0b13e12ecfa37ba850ed6f91ac8af0383a6384eef59d91ca7828c5a4 |
|
| Details | sha256 | 2 | f78927e884724d7df3e274724f340aeb655e3bd6c6d88b9bc1cba36e56bef0d4 |
|
| Details | sha256 | 2 | 21bcb9f01c0cc8be4fc5455f0c30314ddcc6f799f9476682b048bbcf1c068b45 |
|
| Details | sha256 | 2 | 77231fcce5af7f66dd1f94580150e0bea08c21119d81c4a831f38799b7076caa |
|
| Details | sha256 | 2 | 8428f06ee038688fa3b024c53c51daa216b128d3d06166068811dfaca6fe7bbc |
|
| Details | sha256 | 2 | d7d7765b51b7e793ac221a61bf2c9a34c614ec1b46d922cfea6bf71abe7891d1 |
|
| Details | sha256 | 2 | d54d41be67625e3298b906b93c7a9811242fe4c2c8bf6b81d7974239052ffd8d |
|
| Details | sha256 | 2 | 68bef2af94a61a5a2195035cba23dba3de834fdf26603f6cda6b0856e776bb1e |
|
| Details | sha256 | 2 | 22f34a53ab5d2bb554159e695f336fe75dd4c8817721835e549251bfe11b7d7e |
|
| Details | sha256 | 2 | 83107aa69ddeca9b2b70e49ab2ca91468a3ee07c5aacf7b035b56cec10b536e0 |
|
| Details | sha256 | 2 | d33571435803d75846f9ca0ebb81a1e2c2b859f2e5c4a709dac0571aaac9f348 |
|
| Details | sha256 | 2 | 796bab707bc08f7b79494a804a1c0c2d6c952bc4858f1d8daf8786767617ae8f |
|
| Details | sha256 | 2 | fa839f81049e00ce9981dce117df171939ecbd1c4ede2c47514387026d8fd9d6 |
|
| Details | sha256 | 2 | 5249ad1c26affa3b15bc2b73da39126621c4e426308bb4fd357d4cda4123ba1e |
|
| Details | sha256 | 2 | 3d490959cab777506c83ef1fdf4d273b992cb693e6a691b4af66c61f61583c12 |
|
| Details | sha256 | 2 | a7776af49a25664e6cb1478cc6e8bc460dacdde95d3797e3ed35286d3c4ed604 |
|
| Details | sha256 | 2 | 5bd9a9113302e5ad7a866bcc95e81c931cb04b07b4cc00a5033376654e4c3422 |
|
| Details | sha256 | 2 | 1ce5e30e8a74e5244bb8aceed2aba13a05cafb0d2612bfc3ee8d5a3921f9db88 |
|
| Details | sha256 | 2 | 5b6d1a5a7c4a7d2485bdbefd396f276c1c89e423a7c595f6abfe231f28a504e2 |
|
| Details | sha256 | 2 | 01753bbd00642cc37e3ba5664b0dbddbe8ffa493e70988d599512d8668a12d0f |
|
| Details | sha256 | 2 | 3243c113916d6ef4c44887329d8ec573f2f2d7eb3b061eb74976452282cc8825 |
|
| Details | sha256 | 2 | 2a76003a2c7e733f6bfd0468e267d32ace438b42dc6712e94be7a0e5f02bba87 |
|
| Details | sha256 | 2 | 6235fcc30c58ac7855447ff924c132a04e1b11f658cd27622cf9ba52e2b0a182 |
|
| Details | sha256 | 2 | e55aafb86d3178ca43e67d730d643adb77bf055ce5779dd735dfd1b411879352 |
|
| Details | sha256 | 2 | 13fd093ca563b252a48940dd1880754f3b2bbca54cb7b997fde1452df02e99f6 |
|
| Details | sha256 | 2 | b3bf515dccf58ecba7f44f8df4dc6e25d280e9fa1af8082510f61f0cfa37f2fa |
|
| Details | sha256 | 2 | dec28a54f8b014aa5dbed1ce034a1dc3b7acfcb950266418c0743e217292f0df |
|
| Details | sha256 | 2 | 2983fa1d672d4dab194ed1d4cad1a0ea2a1dee6a76f9aa38253078f896174851 |
|
| Details | sha256 | 2 | f91005cf0286818d29812780a9c02e80cb8c4a9f9cc498a0b5a1cf3a5c2cad10 |
|
| Details | sha256 | 2 | c1b8b512fb9445bbe515c194de5e371ec5eedc980204629a32111e35b576104c |
|
| Details | sha256 | 2 | 5c1b26c12de1517a105bb09eed20ff0624b6d60bc700025649e17715b6b4650a |
|
| Details | sha256 | 2 | 4c46d0b5be84e91480c8b61cb7762ea8eb75d6878764d1aeefa4572e440a2e65 |
|
| Details | sha256 | 2 | 60ef02cba512e9908111bbb860d0ccd240d6aec8899a418ff67753632ef9fd15 |
|
| Details | sha256 | 2 | 442dea1f0a964706cf6b1c94f39509289c0ad0b72918770d5993464f4b97e849 |
|
| Details | sha256 | 2 | f420f45b0eff9234d715f23b4081d4c3248558f90d9066e8d4533063c1e38d31 |
|
| Details | sha256 | 2 | fc9f06517e92e119692d946ce97069d1948e35e224840598df56f71d8ae044d4 |
|
| Details | sha256 | 2 | 363ef27f603d6cf5e843bbf44e6ea4eec112e97f9577d1be703fb89e484e433b |
|
| Details | sha256 | 2 | 4370fb6eb93d35a7ab15ea312f94371172f1e05065833efae335ac8ca904849b |
|
| Details | sha256 | 2 | 22764e629e6778155d8f8358726fd837b282ba1a16773844fcb10b4b8704d8c9 |
|
| Details | sha256 | 2 | 6d5c3d3be26d4a333d52c6c876bac64dc96c40d1f93dbb9580135aab94610baa |
|
| Details | sha256 | 2 | c373b1b88ee6cccf38b50d5cae2b43ff3c4042319fc2518b2b8d9ea28d5eb5c8 |
|
| Details | sha256 | 2 | 57e40581c5b12f5f0ed7d7c23c717c95653c573337b4a326367e24305089e78e |
|
| Details | sha256 | 2 | 399921e9dced6491223ae31e4f56530310dc22e90b4241ff39c28c8b25fa841a |
|
| Details | sha256 | 2 | 57a859cf8d19c90623ed8598c282d94ead4caac81e4a27082f9c1ae44526f67c |
|
| Details | sha256 | 2 | 7b41d2106ebd53ce23c0d50a245ec307108fb686664f7df310cf78975faa38cc |
|
| Details | sha256 | 2 | 064b3a2ba31b755e3fb0699e40219d9700330c7d459b2c9e88aeb172b3be1810 |
|
| Details | sha256 | 2 | 28799f0feeb0214ec31dc0615a3526aea7a2f68b692bc30b2a362f163077ea17 |
|
| Details | sha256 | 2 | 4386742e3238e6e347b394ae8b1d9dfd7070b63c06a91745dbb6c7825d866fbc |
|
| Details | sha256 | 2 | 7466bf1fa87c77a3c7197d582d361be5e057d5286ba66962e03c56d515ba1336 |
|
| Details | sha256 | 2 | 908663aefb1ea1ee6fceacb99ffdd5595c247779278612a08b58f44bbf385085 |
|
| Details | sha256 | 2 | c038cf88206371d35a0e89612d8781cdfa69cc37fc5391a8e92d252ac6b9f0b1 |
|
| Details | sha256 | 2 | b97f51c35cef3c2325bbaaed3c38aa19513aa240864c506b83130d0bcaf686b9 |
|
| Details | sha256 | 2 | ccdec5eb1e04a4b988b5ba71053b5957c2c88a258f5cc8816e27651491f950e4 |
|
| Details | sha256 | 2 | ddfb1f2638ede0a8ceda6136e99802b29fe8e5e3342edb14b21835434c194b95 |
|
| Details | sha256 | 2 | c19a11f392b69827de83ba06761eff059741d084f0ec92c83d06bd4b794326a9 |
|
| Details | sha256 | 2 | ccb5ed92e25af56433933bbacffa1586d422c20a610b48a5e89c0344017e2748 |
|
| Details | sha256 | 2 | 0e7614a4c207e6e0504f57ffe014447ca79127b5ae995b1a09af0adb427f2ac4 |
|
| Details | sha256 | 2 | 4c566cfbf8a37fdefa304cf0d3dc9a4c871d37d454991c51afbb2bd5ee22cca1 |
|
| Details | sha256 | 2 | a79ac2f2a09a62facdc7ee9e21bb109a80ec6c082e13d85d705acdd21b4a387f |
|
| Details | sha256 | 2 | 161c3ab9ab8c066109580e2bfdae1037ea0b567537a5b9a5e6278e219ca533bc |
|
| Details | sha256 | 2 | 47804fbb6bb7877cfdf15de99fd5b18f21ea6f9542ba2bc6e129563df8b7c2c0 |
|
| Details | sha256 | 2 | 3d06c30853f8bb370a2ecd7865f77f0b22932b6c7855c79d10cfb46eb7866766 |
|
| Details | sha256 | 2 | a359a72b0a53aa21b52521b8128a2932b276947e33bdc01ea6cb5d8019e4cb71 |
|
| Details | sha256 | 2 | 2498572b0a767b4135dc8e8232c7ec7b546c933ed434e20ec8df3f3f45ac57fc |
|
| Details | sha256 | 2 | 3530fe5dc925b9568ca485c70893c57424e917d6f4e22e15ea4ccf24eab460cf |
|
| Details | sha256 | 2 | bffc1199592463f2229b9ae48ee901bdc0515c955215bc9a171631d326cb409e |
|
| Details | sha256 | 2 | b1a878e39a4c2cd12bed9b1fc53d571104004841303ccee5c4dcd67b7e198d80 |
|
| Details | sha256 | 2 | aaf35ade093448c42c6d8bbe58d920584fd320ea91d879486186ef34622d7ea7 |
|
| Details | sha256 | 2 | 09bd02e180fd3f92fb0115f6f768cd1af0b37ee1176b10e007f4bfec0d77e936 |
|
| Details | sha256 | 2 | d78f1228dba14133045707880cdd09bd5a4743703667286a41e1b43650e6065a |
|
| Details | sha256 | 2 | 7ba5855901a108e1f958b8d2683599e8bef82d7cfb2aac6c040d688d20534fe6 |
|
| Details | sha256 | 2 | 5ea5da6f2e52526a63258fe73973b9672e7d10055832ddf28c35204706143a5d |
|
| Details | sha256 | 2 | 199ff1923c908a8bc639cd80b5b0fe642222ea2dd58d64b4e2dbc5a01037c0ad |
|
| Details | sha256 | 2 | f1461c68d1a2d73533671ba7d1cf11f40ab33f62c8e6eeae773a4da35c0e1ff4 |
|
| Details | sha256 | 2 | 38f33c2b9c2d676a230b3f71ab021abf1dd5572108e3679d8ea9a6bd95307ed9 |
|
| Details | sha256 | 2 | dac381361f911eef5ad9bb0ffcdf3d5a0a96c6d70e3f7ad15d3e729a417446f8 |
|
| Details | sha256 | 2 | 063ddc9af98e118677c1d40344bcea135390367f8e65d84a706e55ce103d4f5c |
|
| Details | sha256 | 2 | 93fd746d55dcb8edd4f9095dac240e32680d15e663227e155516c035904d282f |
|
| Details | sha256 | 2 | e0222bd72fdc1ffa3241edf43d265852b0edcdb3d1bf003dc05b827ae1ef7042 |
|
| Details | sha256 | 2 | a0df556e936be91d4f61400616a3fc8dcafd6712ee467fccaaf12e7a12c1a0c7 |
|
| Details | sha256 | 2 | d7628e77c593254925f3ea507d4c526b047fbc9c25d3ebdf716504b873dfdeab |
|
| Details | sha256 | 2 | c8316f6a7409eade1d93d891243b6ede9d80e7c8e5d5957363a66b52dd59503e |
|
| Details | sha256 | 2 | 21534511ec6bba6d02259f885353c81ef2330787f20481140496dca1ad84ec8f |
|
| Details | sha256 | 2 | 763570ad58a8f0ef340343a02363f1cb49b7db75f02ca51a42608dc594472b3d |
|
| Details | sha256 | 2 | 8ad5e0246fc81aaf2f3083829aa1d8419c281549b783bf2b97132a6388d559c5 |
|
| Details | sha256 | 2 | 2db410056ad808f6bd12721efbee012be5772cc9b72fc341058104c33c450059 |
|
| Details | sha256 | 2 | 628435017444a119136d053e08f8a572a2b0af6cd55f06e329cde77d638cb647 |
|
| Details | sha256 | 2 | 54c48dc70286b7106eb985c7ae3a5f02df1e7b3229e7d0a74051b3e8a67b32e4 |
|
| Details | sha256 | 2 | 81d407f1ad372ccded9ca12cb5090a3af11fb402cd8b29491a78da693625a14c |
|
| Details | sha256 | 2 | fe70e72f8bb0d202d5c26cf5c1319842a8830a76f6d727bfdc0d2b52c6438a63 |
|
| Details | sha256 | 2 | 60342cdf85d553d1bee6e4b8d55b8e4e4417c792ae5f4c0d28211eb6767e3fbb |
|
| Details | sha256 | 2 | 3998e2ba6588279a49570f61daef37d108e446db960b7a41a3c0bc8cfbfa271f |
|
| Details | sha256 | 2 | ee39590d55c8145534c30f5ffec1ae66f8ca8e31a319a1cb061b18587f6df7ce |
|
| Details | sha256 | 2 | f502e00ce95d2374c0bf98d259c97bc360c9112a61c36412f2abd7389486cdea |
|
| Details | sha256 | 2 | bc08a9f9d7517bb53e62effdd012f6357adae47ffda41ea9206c772e24adc43f |
|
| Details | sha256 | 2 | 853b97f7c3b9f01850e83aa8c57a21fd5f896ffc97f05034d6c8cd625a77a190 |
|
| Details | sha256 | 2 | fb225c7902d5c876c9bbf4f4a48b047eb4e074838b8c8a4d6b9ad342c920710b |
|
| Details | sha256 | 2 | d2610fe83ced2c92c42dc36365819d54b9ba6fdd77c7e7b728e37858547b9554 |
|
| Details | sha256 | 2 | c6476784ff00d5fb5607716b225d4ab697f762e3d8aadd9c6a75320c13fc7734 |
|
| Details | sha256 | 2 | 3eb8556e29da422b183d657e1cff09ff6abc66edd26aea6b87cfe710c8746502 |
|
| Details | sha256 | 2 | db7832da08a75a827960f84974e18571d23bc698c80d239d8d126d11d70c8805 |
|
| Details | sha256 | 2 | a42794ba75cc315f624f1df37b51f9981229b551873c73560545cc17f27d385c |
|
| Details | sha256 | 2 | c4499f2a4d4509084d8eefeb7516665810d2224454c1e0005dcb80a656d648ff |
|
| Details | sha256 | 2 | e7c582be6c599ae1ef3a93dc6ee90154ee6230a177637e3a3be66614eba50673 |
|
| Details | Url | 1 | https://www.youtube.com/channel/uc1iedha7rikwvcfpk |
|
| Details | Url | 1 | https://mega.nz/file/mo5enyxd#pqoau0w2jqnvdqicrguqaduivlabrfzjet |
|
| Details | Url | 1 | https://github.com/avast/ioc/tree/master/hackboss |
|
| Details | Windows Registry Key | 582 | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run |
|
| Details | Windows Registry Key | 1 | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Defender |