Reconnecting to live updates…

NuGet malware targets crypto wallets, OAuth tokens

Severity: mediumType: campaign

A malware campaign discovered on the NuGet package repository targets the cryptocurrency ecosystem by distributing 14 malicious packages impersonating legitimate crypto-related tools. These packages employ techniques such as homoglyphs, version bumping, and inflated download counts to appear trustworthy and evade detection. The malware aims to steal crypto funds by redirecting transactions and exfiltrating secrets, including OAuth tokens for Google Ads accounts. The campaign highlights the risks of software supply chain attacks, especially for projects relying on compromised dependencies. No known exploits in the wild have been reported yet, but the threat poses a significant risk to developers and organizations integrating these packages. The attack affects . NET developers using NuGet packages related to cryptocurrency and OAuth services. The severity is assessed as medium due to the potential confidentiality and financial impact, combined with moderate exploitation complexity. European organizations involved in blockchain development, fintech, and digital advertising are particularly at risk. Mitigation requires strict dependency vetting, use of package integrity verification, and monitoring of OAuth token usage.

AI Analysis

Technical Summary

In July 2025, a campaign was identified involving 14 malicious NuGet packages targeting the cryptocurrency ecosystem. These packages impersonated legitimate crypto-related tools by using homoglyphs—characters visually similar to legitimate package names—to deceive users. The attackers also employed version bumping and artificially inflated download counts to increase perceived legitimacy. The malware was categorized into three groups: wallet stealers that redirect or intercept cryptocurrency transactions to attacker-controlled wallets; crypto-funds stealers that exfiltrate private keys or secrets enabling unauthorized fund transfers; and Google Ads OAuth stealers that harvest OAuth tokens to gain unauthorized access to Google Ads accounts, potentially facilitating fraudulent advertising or further compromise. This campaign exemplifies a sophisticated software supply chain attack, exploiting the trust developers place in widely used package repositories like NuGet. The attack leverages multiple MITRE ATT&CK techniques, including masquerading (T1036.005), user execution (T1204.002), process injection (T1055), and credential access (T1552.001). While no active exploits have been reported, the presence of these packages in the ecosystem poses a latent risk to any project depending on them. The campaign underscores the importance of supply chain security in the .NET development environment, particularly for projects handling sensitive crypto assets or OAuth-based integrations.

Potential Impact

The primary impact of this threat is the compromise of cryptocurrency wallets and OAuth tokens, leading to potential financial losses and unauthorized access to cloud services. For European organizations, especially fintech companies, blockchain developers, and digital marketing agencies, the theft of crypto funds or OAuth credentials can result in direct monetary loss, reputational damage, and regulatory scrutiny under GDPR and other data protection laws. The supply chain nature of the attack means that even organizations with strong internal security can be compromised through trusted dependencies, potentially affecting entire projects and their user communities. The redirection of crypto transactions undermines the integrity and availability of financial operations, while OAuth token theft can lead to broader cloud service compromises, data leakage, and fraudulent activities. The medium severity reflects the significant confidentiality and financial risks balanced against the need for user interaction and some technical sophistication to exploit the malicious packages.

Mitigation Recommendations

European organizations should implement strict dependency management policies, including: 1) Employing automated tools to detect homoglyphs and suspicious package naming conventions in NuGet dependencies. 2) Verifying package integrity using cryptographic signatures and checksums before integration. 3) Monitoring and auditing OAuth token usage and permissions regularly to detect anomalies. 4) Restricting the use of third-party packages to those from verified and trusted publishers only. 5) Implementing runtime behavior monitoring to detect unusual process injections or network communications indicative of wallet or token theft. 6) Educating developers about supply chain risks and encouraging manual review of critical dependencies. 7) Utilizing private package repositories or mirrors with strict vetting to reduce exposure to public repository threats. 8) Applying least privilege principles to OAuth tokens and crypto wallet access to minimize potential damage. These measures go beyond generic advice by focusing on detection of specific attack techniques and enforcing strict supply chain hygiene.

Affected Countries

Germany, United Kingdom, France, Netherlands, Switzerland, Sweden, Estonia

Indicators of Compromise

hash: 03ff8f5352e42dbb0f2e60ae9bc36b27c35860b3
hash: 05a29102d2769834b87cf8505cf64fb910625d1e
hash: 0655cdd206703064b2dfdda44393295f4e380bec
hash: 08aeac51c5af03a3dd769d339fb8a4b08729a4de
hash: 0907e15fceae4ac81383ea576a44b71ed1a9643a
hash: 09618bc8f2dde467890403b5ad71ab8349dd7339
hash: 0a70ea53f4ade70ce2616522ffb601ee1778c0ea
hash: 0ad97d12add68d0e998d40d69c9e4b189f4a9588
hash: 0b267bc5cbba9a96b3c7ecf56222776fccf8d13e
hash: 0efe44b572d3fd481cb16a47dd3b7516c104d4d2
hash: 10094b31992f597142dff3a01b16874459ca9d4b
hash: 10206b3d71e972a415c26d8275080a2b1d91554d
hash: 10e6d3c4bc327409b7f2af76be4153dbe470e0af
hash: 1128c17ebe42617d75277987b384a6a15f1d7000
hash: 11c46b9a5235b24370dec636e0bc2f8d8cfbc0ba
hash: 130b16b10b1e6a5e235097630f9b8fa2251fb7ce
hash: 14a567ef4b0c4cc480056d951dcca6d3648c5a73
hash: 157c0f2d09621c37d638fcc42d9c6bc7107f018f
hash: 16553a6418a4035c5a3c5b66482fad3189039beb
hash: 169539b741d054a01e91707d8ac0008474785b58
hash: 174716911ef4bec98a2defd165a27eb4752e61ad
hash: 182de4f79db336e706391ef7a3431a5a4cbfde77
hash: 1876c5cc5cb5d8c10aab3d4b479e1561f3fd5e6a
hash: 18df861bbf1b00ce4046dce4d952be5bf6f3f825
hash: 19774417312a7204716176d86101a53e1ec7de83
hash: 1a8549071a86de50bb78f51ed3e5ebfcd4c3942b
hash: 1a9493f509371d9dc1056958337d7b74798f5661
hash: 1a986ac0865ee9c34227b049d3959e3de14a6509
hash: 1c0d4ecd29ea197b41cd65409b89d9b8620812fe
hash: 1c9bd2aed6739155d256981990cfa814ce0f77b6
hash: 1cde8da0dd07326657eba749806541b767d93aac
hash: 1cf71a5de91d7a90673b389a15cffdfb3915682d
hash: 1f6dbf2a29e85ee6b31d57004125d42b73e079b5
hash: 20c146f2205a96925b14f18059aca1ff38d5dcb8
hash: 232a17f920a526ea6ef57b854589f97faeb53994
hash: 232f619a8444cd8b484ece901accb45a6be2df1e
hash: 29c4f29a2c6d7929eba10301f6d861a5591cbe56
hash: 2a32919bffc04b3c4c124b8383f5eedad457c4d5
hash: 2ce05bc2380a97fca39f84c54fc14f8c9a26545a
hash: 2d1007c76962cac395abb38a20216b7b02feae4a
hash: 310cdb353ba2dda94989f65b20de4f67e0cff93a
hash: 316a9b6cd308d2de74cf3bfcf51e75919b71e8ea
hash: 32876e3127fbbd329ba10ff2e2844aa8d5205b29
hash: 32ea26acb233b573b3e4f1b874f9768d11751e38
hash: 345a8837b87936cedf37f62e4a2014481a4e0d24
hash: 34da48fa43e4325ed448f47bd4570079b320dd22
hash: 36276d55f741825d42eff099d4f79b9c1b19a5a6
hash: 3654ff5509d494b29f418b042c7c8a02fe46a127
hash: 37b17099788e0b5b3f7b5c4a9175c271f43bc1f2
hash: 3841005cd1aacc0ae8f8f5907d38daefd1582b20
hash: 385b8a72dbd18dae1b8e4e310fcdbb38ed288307
hash: 3b20663a3e8605c09c11842809d78cce829eb0ee
hash: 3c094cd90d2f83b1c4e3f0a391ef0871d2ffaf95
hash: 3da74f705246b95e07c5d459488e5f48befe10f7
hash: 3e29b26f141cfb7532b6cfb277f32c7191b4b915
hash: 3f98fb94b3268e9c6e2c6cad120d762bd2c136bb
hash: 3fe9db489407533718e6246c4a56994561326da7
hash: 4083896f0c74c87b8e951880b40b98edd0829abc
hash: 40cd8703d940c4f3fe880c7292a6b92a099a7f5e
hash: 456eecf8311491a242c0984918936d422185a881
hash: 457136952da8784d6c4cede431d816d99b60c327
hash: 461a9192674bdf2c29fa586cdb7c2cd733d66663
hash: 4697e60cc77722eb3e7567899fb4a6d56db2487d
hash: 476411c66c27227574a51466d44a05d14c5cf647
hash: 47fa246f312ae447fa3849a33644fbdc91c1b3c5
hash: 4a43f89ce32f3c4c7dedfbd782c2cb4d3834478c
hash: 4d21fbe0c099b9e21db89fef5d167ba6593265ec
hash: 4e38e286139bdb93d9760279171634745e1f531d
hash: 4eb148d83d9a3f5c1187a9d8d5a0e85459fa9c87
hash: 5149d3e9eda7ae65116d7e0780294191c153de5c
hash: 51c5304ac9cb69505bc6182d05b0aa18356d01c7
hash: 52620426caf465180318147db633f2ce26efe35d
hash: 527d443f1049fe6f23f406463b51f125816ae1c7
hash: 528adc0d2e7a6e1357aa3676a69bc43648f99776
hash: 52b078c85b5a76d8f97feb3701d9d6ff0de4e284
hash: 52fd4d3a3e1f62fdffb94d5745bb0a543a3ff780
hash: 53997fafbe623aa5bda1ea56db224c8d8827d860
hash: 53d099e308b65232f2a878730ce01af9b85ea08c
hash: 5469b29c9848b785d9f993973f0fc59dff993dcd
hash: 5558c729ce1d1b0a9b7d9567bfc825686d4d13cc
hash: 56da8268211cd9b3806e8ad4a3d9f6b017773872
hash: 575dc8c4e7fb9deb3826f546c442c0c96364a0d7
hash: 57ec7112931de3ce7ba4502e1fa5299ad148085d
hash: 5853de4cfbbbf9313d0c07ed5f54d00acc57cec8
hash: 5882be86bda0108432d74f8b00364ef57bf7864f
hash: 58e42f6d7762505f5ef7d70caee8fe4fb3e6939f
hash: 59ccbc15564036c46447e510b040e9f0b3d65fe4
hash: 5cefe3a11a27572136c1363f963b7d3205c47915
hash: 5d337ae9885c310d02512e4fbdd80d4012410c4b
hash: 5dd1ed264cede60268515aaa4fedb4bb7c39e1f0
hash: 5f52ae106239e4f38ba278f575216736a3541ae0
hash: 5fc1b9d3d1bfc8033cd22e59dc3b0e1084c2abb1
hash: 5fcaa9633c79ee0fe0b92d1a50e0c855a7a339ac
hash: 60a10913c7209c169c08cc95415501228ed6c190
hash: 61b9de7fcc3e50533afbe6684bfadc8a7a3116e4
hash: 62d0408d04580c9269f18efc5f6ef77b138d6c07
hash: 64b83f8346be100e472a1a98f96c5285a6781396
hash: 667422e49dd772521d98afdb5e3d1b28932ef92e
hash: 67b720c373f2f419c1a9dfa9076623676d0d9e9a
hash: 6911ebd9335115c217ad996c66d3cf283b03503d
hash: 6933371ae2bf4cf4fa5af8fb22b8d7a5afdf1334
hash: 6a46ddaa83ca62ba5051741b9c7d3ca0821b7592
hash: 6a482d405135104991292e75b1c1483463a3fc64
hash: 6aa4a534ced10e137992ff514fbdccc590032899
hash: 6ab4ea8808fbeca07b627d93b4623ed7a8c855f1
hash: 6b01128dd88845de610cbcc95b61930cefab5fdd
hash: 6e6416fe7df1febc384301d1e57d6d6d0fe419a5
hash: 70fd70c3b07899c472724e08af492c07fba02f4f
hash: 716142789814a181bd0b207e36255c0eacae3918
hash: 71f5b45a7ea86737fd83e7af3edc549244e1143a
hash: 73dcf1d461b0d2b3ebeee56c61458475e2c22575
hash: 746620fd7a2e95935afbe299ded82fd88c108ca7
hash: 746cfd19100f7c33e3c459d68fa98849bfb4774c
hash: 78aee77335e800a51d7bce8cfd8d7da272e32750
hash: 7a0304bbde9782b6a903c67b0ebc4684aff21692
hash: 7a39bf8e572fce19a18909f3d022b231e0e14eb7
hash: 7add61312ddd21f524c253a67ae2d85be4f99d19
hash: 7b5b190ca5778fa1d3116734c0cbc1ccdb883817
hash: 7ce96efdf37c1b98b7f801363dd4c639a46663a2
hash: 7dcf458ce124b1ef88ab456c052a5989c213818a
hash: 7e01e044c480c7e3647be88da1b8741e3304a561
hash: 7e55a5e24829ab196ff26f6d8ee40d2c9ff45343
hash: 82f96da4cf96d076848e7358f6dd24c089bbf5e2
hash: 83bf02af6b681182a274c0d60e35b5bf3cdcfefa
hash: 86819f74f2c0c97a69266cb0a17c63bb31b9651a
hash: 86b1d3712644631b1b363e74a393816646232816
hash: 87c22069e002f28cd5ae615c8d603b8e4c67a817
hash: 87c46a3997de4c5c8b51bab0e3b5021726237fac
hash: 88ffc7ec5175a136f34841af704c4b469548ec37
hash: 8a2ac011763b06aaf566d23892391e563bda7c36
hash: 8b1a06de6635be56009d8eec236bdad18734f9ab
hash: 8b264896adeca78c1bd653c288321800a16e1f95
hash: 8b53f692a1bbc0be65cfc161f0cf90c6be3c698e
hash: 8c69d88224b6b7a1e3069ad44e07dcf6c1fc9696
hash: 8e88e49530b464e5d22a03b57cd47b03d5af30d9
hash: 8ea2556c2e0b3a36acbaf6397977cd9888ebc222
hash: 8f812048e7471867c2322481a3c4ebdcbe9fb8d6
hash: 8fe92eb9e875a51629dd48660cf6d3fbbf28df01
hash: 901151376b9c44b8d25dfa55d9e35a6862bcd808
hash: 90a3fba12c7c394b5b6e60d68f5fc0dea8a1994f
hash: 90d272a5e53d9d128e826216742ab7e149055e72
hash: 916a5f26c3ae694620dd69c3d9c807907982aaf4
hash: 916ad2a01cef76047ef622e7701f79c671710202
hash: 92bc8caa5a736faaa9a576763cd8fa04ce627702
hash: 953491446afeb169c0247c3afe9df83ff1c3c860
hash: 96342bf9937286e863fb794ed3a74dd18e8dfc07
hash: 971715a2a50fd2ec54a50f2679fc4cbca2306fc0
hash: 9812aac1de9c57b006cb3355ec3cc1d879c8e3b6
hash: 9891b0fae7769adbe3fb986748d5dc84202169cc
hash: 991ba17dc340c3a33dded6199ee2529a06b41674
hash: 994a072c85febd71f65ca470b0fbf6fafce64b38
hash: 99a80f47cf5439877088c23b061331ddac8f346f
hash: 99b88373d48273c2a2d2e9ac4b4680f19312f3aa
hash: 9a020d9727e3ef215c5aba35e68ec420ce892d78
hash: 9a084686fb5dd62aefd59a9c8bddb07e8eb6fbe9
hash: 9a18401c7d8aff223c5b0cd7d4ee6a989afdbf63
hash: 9bef50f330c4f6bbd62897b320847418688afe10
hash: 9d3d7573979e22fb11da05db3ec004b18aae08d5
hash: 9fe95bc153e64854c8c3c11ff406f8df1db5b00c
hash: a02ed8ef30323f3cdd54df42d564a035ab52317e
hash: a16281e36ac1376268f90f8c9656dcafb02f418b
hash: a301153605eee5a2ffb80728d9c8d4d122026e76
hash: a3a8e75f7b6c66373a38820296f1837026988734
hash: a3e7690e1af94641351aab1e2203674dcd5c768a
hash: a3f3b9ce5e89ccb36de9566d4f12b0c495554a18
hash: a4c70c1803b9a81f88c967b738c36830c8555a66
hash: a5e35d3b9ef6766bac1d66103788c5595d47953c
hash: a6a0452dded3a963fa403fc5ade9a89acf92bb74
hash: a845202d5040185974d1a986eb42380d4c1662f6
hash: aa23a65caddade19ade5c99122dff8a5bd5ec513
hash: aa7f08a8def57c9adfa04174d0730139303fb9a1
hash: ab0eb4dbc78441868951a03d0cc639ec8eaf2e8d
hash: ab6557c3b350facfef4abbd351365368e38017c5
hash: ac1bf32b2ebe1cb70622fa3fdc65a066001e16e4
hash: ad14acc3862e0ef5a096d6f744358131a8be0fae
hash: ad5869daa3a63889f953158f84e0f1a99de2c516
hash: ad77ae6f47d60a5218d5fcab7fcd0fc7ddfc5d44
hash: ae33843dfe79475f3f58374a16eec7b175392d3b
hash: ae908e3dab4a228b03b2e32156ace35e7bad79ce
hash: af925a1604b0aed3c72c75a9c001082a079ec523
hash: b146df7b3b0b162e2d5e4aa9cdffce21c854b541
hash: b179f7979143d2ce07f3837099fd2940506d4f12
hash: b1f3ad0a7e4b8173baf9866d39807ceab0fa4ffe
hash: b269c1d6c4e2aea61ee7d8358e2f1a2408adf7df
hash: b314482e6346be36a4fae3a965dc4d21be5af020
hash: b42b7fb966498104e726eb675065a7590d765aa8
hash: b730bd077801f57a7e827ea00ec7fd964dfbaf7b
hash: b7fa31a6da1c95e599ce3078404b3efa4668a6bb
hash: b84bb9c557f5fa4168b09d93119b074d40df2d6b
hash: b96561eacb62a8d1b34d2b4fc037b00b04bb0c4f
hash: b9702d3ca9894f2cab51de43901b7f4c4a658eab
hash: ba79071ba7628916b4ced6ccb93d7fba82272f9a
hash: bae1bf585ed8abd948f7b2a0f337da4d1a31b5e5
hash: bcf22c449c1dadef96bc6042bcc18d20b4db2965
hash: bd2d6aa6ed5f3e394ea651693b6b9c28058ab370
hash: be8590abce6219aa6581df3d9411ecbbaa73e692
hash: c1f03e0e76ddce47826572a91865a946fdf01204
hash: c3a3978e874a377b5bb251a2267b11cf6dfe201b
hash: c53b91501151fa4bb820456b5ea1253cffb5070a
hash: c6249d3c4ea9dfbef0156c4dcf3999b0274ef270
hash: c70c8fec3387e5f32a798c0f697ce72df45b2b0c
hash: c71993c4c1e92a88059d1a278e29968af3aa84b2
hash: c789b6cc93f298cf7cce2975b53a970c9c5ee3bf
hash: c9d40e5f7effe57a16e6dfaef8aace617c82bd31
hash: caefe957befb93e0d20e9d1b4a114c574321be89
hash: cceca9475b29b0afe273fe1e00332e7d3ec52552
hash: cdb2b23a7cfe9b8776e757d67f094bbfebc02de3
hash: cdcfd4f8dfd5b815eed2b328899d1e55d8d6582d
hash: ce8060e2401ca49e9445122f57b467c07b8e4686
hash: ce9d108c0d0bf5a75c965b4cb04cb38b786108d4
hash: cf7c56e73b9dd670b500ae5d50f6d37a633794d1
hash: cfce69a52a25fd4924892dc1a1838bb196c1e3e8
hash: cfd72a92e2ddec0954dd43df5c06fe702673e606
hash: d11e9df40727d3ae453309c681654f07701a44e1
hash: d14d888744c49f7a7e67e5abc0955ccec2fc31b0
hash: d37d28a7dad9fab49b701ae734070cebcd2a2cb8
hash: d3af0cd42892e7075c31be4fd08271640c91ab90
hash: d53651fdc3a0c3cf42b83b3d20327be3b810aff0
hash: d685d34f929d1127a2f53b82435e1e1a81af8ce8
hash: d8447113afb073a363aebaeea377b3d0a151f65c
hash: d933d97e6725132ac717da4d21e3043d6406c8a8
hash: d9357152d648bcd9f83c4bd66e22187437f19d3a
hash: d93fc7c8b82719f0538ee33102fba689e562187e
hash: d9998997d0186467de88c41308df1351d64825d1
hash: dac0bfc8b9983ff1bff649d1648c8f9e30c8cb68
hash: dad2d61356bd57d7212e81d1f1b47f5153300e07
hash: dad97925ad91943de87879b00ec45be1ab6c29da
hash: dc4a4579cf784be3bba98a1ab2dd08d0c00a4cb1
hash: dd6c262538f5452a0dd343ce05eff7d0b463bbdf
hash: dee343519ad4a9b6c8a7be36b2c9c95a17a3a347
hash: e0b041f5ce0e4458782734dba455cc7c22927cbf
hash: e0fe2ab98dfad287feb9b08adfcf7ea6632e7c76
hash: e1627ed04f36c396f8d3a80ba2211429934b1e49
hash: e1d399818a2960b83184934e9c2f431e53fb88bc
hash: e400bb72044383747165f6a3d46fd85b4dfa0c52
hash: e43ad112bda98d4bd8c8c247cb37110d6e56a7a1
hash: e7f7b50b8eb4d52d60e33b2753c969518db223ae
hash: e8bb49debb66c90f3c82e1e2102b423889eb4560
hash: e9f602c7d6fd21b1a3e8d717a909f1419e778ab5
hash: ec381ffa97255fe6fe32f3e1c4cca0876b1c17c8
hash: ec49820ad8ac06a60300ac77a0d0d444f2e07269
hash: ed3525c36d61601a36e6f5908f1103ed397f111e
hash: ed4ff3cc664afea95b072af39b750e8bf6e4d7dc
hash: edbabb8d170d795ed9b7452e4f895e3d658f1868
hash: ef5f6cf6c7869ee6f2cb46430e0e9e9dc0a60376
hash: efa8335bad0bf75a130f61f7944d86ab253cba42
hash: f0ccc91433b7e6b6d47d9813cf6d9d86a9a28baf
hash: f12a2492385d382c11133c37265e4c3082f3b018
hash: f15759160ee919a9f41c6adc7f68937fe8fa879f
hash: f1936d99858a7facd6ee922073479a606844522b
hash: f235cb9abde5e88fa647f4b41370c84e56ce3099
hash: f39470c88f34fb639d291b59db595b1ab19a2900
hash: f3a028991baf032ddcb62f03276f030875675e13
hash: f3cbf93b861770bf88cbfb21018adaf89b853c47
hash: f48be90c73ddb5a0e273d4012ae20350495314ab
hash: f7fa8e5b4cebb4f83b3a15b8bc72251094785eee
hash: f80239f9376dfe08c35756910caadd49eaeae300
hash: f81607d4db058c20c5441f8a11b56c5190feae89
hash: f92a7fa4650d13b86693f32631ef4b6108f00125
hash: f9e34ab400bac027b10d1262966e66fbdea7751b
hash: fc6587c6b75c5a0ca4cf9ebd6ee1c01ac13ebb6b
hash: fd9de8e9ea59d972e9f0e63a6c3acbca03a7e5cb
hash: fe057c5e80b78a81f0f579b39a9cb11d78fd90a2
hash: fe977e8a2a03396d1a057a30cb02db88811573f5
hash: ff9a074df4c5f96c728aab29e3710fc31183694b

NuGet malware targets crypto wallets, OAuth tokens

Severity: medium

Type: campaign

Technical Summary

Potential Impact

Mitigation Recommendations

Affected Countries

Germany, United Kingdom, France, Netherlands, Switzerland, Sweden, Estonia

Indicators of Compromise

hash: 03ff8f5352e42dbb0f2e60ae9bc36b27c35860b3
hash: 05a29102d2769834b87cf8505cf64fb910625d1e
hash: 0655cdd206703064b2dfdda44393295f4e380bec
hash: 08aeac51c5af03a3dd769d339fb8a4b08729a4de
hash: 0907e15fceae4ac81383ea576a44b71ed1a9643a
hash: 09618bc8f2dde467890403b5ad71ab8349dd7339
hash: 0a70ea53f4ade70ce2616522ffb601ee1778c0ea
hash: 0ad97d12add68d0e998d40d69c9e4b189f4a9588
hash: 0b267bc5cbba9a96b3c7ecf56222776fccf8d13e
hash: 0efe44b572d3fd481cb16a47dd3b7516c104d4d2
hash: 10094b31992f597142dff3a01b16874459ca9d4b
hash: 10206b3d71e972a415c26d8275080a2b1d91554d
hash: 10e6d3c4bc327409b7f2af76be4153dbe470e0af
hash: 1128c17ebe42617d75277987b384a6a15f1d7000
hash: 11c46b9a5235b24370dec636e0bc2f8d8cfbc0ba
hash: 130b16b10b1e6a5e235097630f9b8fa2251fb7ce
hash: 14a567ef4b0c4cc480056d951dcca6d3648c5a73
hash: 157c0f2d09621c37d638fcc42d9c6bc7107f018f
hash: 16553a6418a4035c5a3c5b66482fad3189039beb
hash: 169539b741d054a01e91707d8ac0008474785b58
hash: 174716911ef4bec98a2defd165a27eb4752e61ad
hash: 182de4f79db336e706391ef7a3431a5a4cbfde77
hash: 1876c5cc5cb5d8c10aab3d4b479e1561f3fd5e6a
hash: 18df861bbf1b00ce4046dce4d952be5bf6f3f825
hash: 19774417312a7204716176d86101a53e1ec7de83
hash: 1a8549071a86de50bb78f51ed3e5ebfcd4c3942b
hash: 1a9493f509371d9dc1056958337d7b74798f5661
hash: 1a986ac0865ee9c34227b049d3959e3de14a6509
hash: 1c0d4ecd29ea197b41cd65409b89d9b8620812fe
hash: 1c9bd2aed6739155d256981990cfa814ce0f77b6
hash: 1cde8da0dd07326657eba749806541b767d93aac
hash: 1cf71a5de91d7a90673b389a15cffdfb3915682d
hash: 1f6dbf2a29e85ee6b31d57004125d42b73e079b5
hash: 20c146f2205a96925b14f18059aca1ff38d5dcb8
hash: 232a17f920a526ea6ef57b854589f97faeb53994
hash: 232f619a8444cd8b484ece901accb45a6be2df1e
hash: 29c4f29a2c6d7929eba10301f6d861a5591cbe56
hash: 2a32919bffc04b3c4c124b8383f5eedad457c4d5
hash: 2ce05bc2380a97fca39f84c54fc14f8c9a26545a
hash: 2d1007c76962cac395abb38a20216b7b02feae4a
hash: 310cdb353ba2dda94989f65b20de4f67e0cff93a
hash: 316a9b6cd308d2de74cf3bfcf51e75919b71e8ea
hash: 32876e3127fbbd329ba10ff2e2844aa8d5205b29
hash: 32ea26acb233b573b3e4f1b874f9768d11751e38
hash: 345a8837b87936cedf37f62e4a2014481a4e0d24
hash: 34da48fa43e4325ed448f47bd4570079b320dd22
hash: 36276d55f741825d42eff099d4f79b9c1b19a5a6
hash: 3654ff5509d494b29f418b042c7c8a02fe46a127
hash: 37b17099788e0b5b3f7b5c4a9175c271f43bc1f2
hash: 3841005cd1aacc0ae8f8f5907d38daefd1582b20
hash: 385b8a72dbd18dae1b8e4e310fcdbb38ed288307
hash: 3b20663a3e8605c09c11842809d78cce829eb0ee
hash: 3c094cd90d2f83b1c4e3f0a391ef0871d2ffaf95
hash: 3da74f705246b95e07c5d459488e5f48befe10f7
hash: 3e29b26f141cfb7532b6cfb277f32c7191b4b915
hash: 3f98fb94b3268e9c6e2c6cad120d762bd2c136bb
hash: 3fe9db489407533718e6246c4a56994561326da7
hash: 4083896f0c74c87b8e951880b40b98edd0829abc
hash: 40cd8703d940c4f3fe880c7292a6b92a099a7f5e
hash: 456eecf8311491a242c0984918936d422185a881
hash: 457136952da8784d6c4cede431d816d99b60c327
hash: 461a9192674bdf2c29fa586cdb7c2cd733d66663
hash: 4697e60cc77722eb3e7567899fb4a6d56db2487d
hash: 476411c66c27227574a51466d44a05d14c5cf647
hash: 47fa246f312ae447fa3849a33644fbdc91c1b3c5
hash: 4a43f89ce32f3c4c7dedfbd782c2cb4d3834478c
hash: 4d21fbe0c099b9e21db89fef5d167ba6593265ec
hash: 4e38e286139bdb93d9760279171634745e1f531d
hash: 4eb148d83d9a3f5c1187a9d8d5a0e85459fa9c87
hash: 5149d3e9eda7ae65116d7e0780294191c153de5c
hash: 51c5304ac9cb69505bc6182d05b0aa18356d01c7
hash: 52620426caf465180318147db633f2ce26efe35d
hash: 527d443f1049fe6f23f406463b51f125816ae1c7
hash: 528adc0d2e7a6e1357aa3676a69bc43648f99776
hash: 52b078c85b5a76d8f97feb3701d9d6ff0de4e284
hash: 52fd4d3a3e1f62fdffb94d5745bb0a543a3ff780
hash: 53997fafbe623aa5bda1ea56db224c8d8827d860
hash: 53d099e308b65232f2a878730ce01af9b85ea08c
hash: 5469b29c9848b785d9f993973f0fc59dff993dcd
hash: 5558c729ce1d1b0a9b7d9567bfc825686d4d13cc
hash: 56da8268211cd9b3806e8ad4a3d9f6b017773872
hash: 575dc8c4e7fb9deb3826f546c442c0c96364a0d7
hash: 57ec7112931de3ce7ba4502e1fa5299ad148085d
hash: 5853de4cfbbbf9313d0c07ed5f54d00acc57cec8
hash: 5882be86bda0108432d74f8b00364ef57bf7864f
hash: 58e42f6d7762505f5ef7d70caee8fe4fb3e6939f
hash: 59ccbc15564036c46447e510b040e9f0b3d65fe4
hash: 5cefe3a11a27572136c1363f963b7d3205c47915
hash: 5d337ae9885c310d02512e4fbdd80d4012410c4b
hash: 5dd1ed264cede60268515aaa4fedb4bb7c39e1f0
hash: 5f52ae106239e4f38ba278f575216736a3541ae0
hash: 5fc1b9d3d1bfc8033cd22e59dc3b0e1084c2abb1
hash: 5fcaa9633c79ee0fe0b92d1a50e0c855a7a339ac
hash: 60a10913c7209c169c08cc95415501228ed6c190
hash: 61b9de7fcc3e50533afbe6684bfadc8a7a3116e4
hash: 62d0408d04580c9269f18efc5f6ef77b138d6c07
hash: 64b83f8346be100e472a1a98f96c5285a6781396
hash: 667422e49dd772521d98afdb5e3d1b28932ef92e
hash: 67b720c373f2f419c1a9dfa9076623676d0d9e9a
hash: 6911ebd9335115c217ad996c66d3cf283b03503d
hash: 6933371ae2bf4cf4fa5af8fb22b8d7a5afdf1334
hash: 6a46ddaa83ca62ba5051741b9c7d3ca0821b7592
hash: 6a482d405135104991292e75b1c1483463a3fc64
hash: 6aa4a534ced10e137992ff514fbdccc590032899
hash: 6ab4ea8808fbeca07b627d93b4623ed7a8c855f1
hash: 6b01128dd88845de610cbcc95b61930cefab5fdd
hash: 6e6416fe7df1febc384301d1e57d6d6d0fe419a5
hash: 70fd70c3b07899c472724e08af492c07fba02f4f
hash: 716142789814a181bd0b207e36255c0eacae3918
hash: 71f5b45a7ea86737fd83e7af3edc549244e1143a
hash: 73dcf1d461b0d2b3ebeee56c61458475e2c22575
hash: 746620fd7a2e95935afbe299ded82fd88c108ca7
hash: 746cfd19100f7c33e3c459d68fa98849bfb4774c
hash: 78aee77335e800a51d7bce8cfd8d7da272e32750
hash: 7a0304bbde9782b6a903c67b0ebc4684aff21692
hash: 7a39bf8e572fce19a18909f3d022b231e0e14eb7
hash: 7add61312ddd21f524c253a67ae2d85be4f99d19
hash: 7b5b190ca5778fa1d3116734c0cbc1ccdb883817
hash: 7ce96efdf37c1b98b7f801363dd4c639a46663a2
hash: 7dcf458ce124b1ef88ab456c052a5989c213818a
hash: 7e01e044c480c7e3647be88da1b8741e3304a561
hash: 7e55a5e24829ab196ff26f6d8ee40d2c9ff45343
hash: 82f96da4cf96d076848e7358f6dd24c089bbf5e2
hash: 83bf02af6b681182a274c0d60e35b5bf3cdcfefa
hash: 86819f74f2c0c97a69266cb0a17c63bb31b9651a
hash: 86b1d3712644631b1b363e74a393816646232816
hash: 87c22069e002f28cd5ae615c8d603b8e4c67a817
hash: 87c46a3997de4c5c8b51bab0e3b5021726237fac
hash: 88ffc7ec5175a136f34841af704c4b469548ec37
hash: 8a2ac011763b06aaf566d23892391e563bda7c36
hash: 8b1a06de6635be56009d8eec236bdad18734f9ab
hash: 8b264896adeca78c1bd653c288321800a16e1f95
hash: 8b53f692a1bbc0be65cfc161f0cf90c6be3c698e
hash: 8c69d88224b6b7a1e3069ad44e07dcf6c1fc9696
hash: 8e88e49530b464e5d22a03b57cd47b03d5af30d9
hash: 8ea2556c2e0b3a36acbaf6397977cd9888ebc222
hash: 8f812048e7471867c2322481a3c4ebdcbe9fb8d6
hash: 8fe92eb9e875a51629dd48660cf6d3fbbf28df01
hash: 901151376b9c44b8d25dfa55d9e35a6862bcd808
hash: 90a3fba12c7c394b5b6e60d68f5fc0dea8a1994f
hash: 90d272a5e53d9d128e826216742ab7e149055e72
hash: 916a5f26c3ae694620dd69c3d9c807907982aaf4
hash: 916ad2a01cef76047ef622e7701f79c671710202
hash: 92bc8caa5a736faaa9a576763cd8fa04ce627702
hash: 953491446afeb169c0247c3afe9df83ff1c3c860
hash: 96342bf9937286e863fb794ed3a74dd18e8dfc07
hash: 971715a2a50fd2ec54a50f2679fc4cbca2306fc0
hash: 9812aac1de9c57b006cb3355ec3cc1d879c8e3b6
hash: 9891b0fae7769adbe3fb986748d5dc84202169cc
hash: 991ba17dc340c3a33dded6199ee2529a06b41674
hash: 994a072c85febd71f65ca470b0fbf6fafce64b38
hash: 99a80f47cf5439877088c23b061331ddac8f346f
hash: 99b88373d48273c2a2d2e9ac4b4680f19312f3aa
hash: 9a020d9727e3ef215c5aba35e68ec420ce892d78
hash: 9a084686fb5dd62aefd59a9c8bddb07e8eb6fbe9
hash: 9a18401c7d8aff223c5b0cd7d4ee6a989afdbf63
hash: 9bef50f330c4f6bbd62897b320847418688afe10
hash: 9d3d7573979e22fb11da05db3ec004b18aae08d5
hash: 9fe95bc153e64854c8c3c11ff406f8df1db5b00c
hash: a02ed8ef30323f3cdd54df42d564a035ab52317e
hash: a16281e36ac1376268f90f8c9656dcafb02f418b
hash: a301153605eee5a2ffb80728d9c8d4d122026e76
hash: a3a8e75f7b6c66373a38820296f1837026988734
hash: a3e7690e1af94641351aab1e2203674dcd5c768a
hash: a3f3b9ce5e89ccb36de9566d4f12b0c495554a18
hash: a4c70c1803b9a81f88c967b738c36830c8555a66
hash: a5e35d3b9ef6766bac1d66103788c5595d47953c
hash: a6a0452dded3a963fa403fc5ade9a89acf92bb74
hash: a845202d5040185974d1a986eb42380d4c1662f6
hash: aa23a65caddade19ade5c99122dff8a5bd5ec513
hash: aa7f08a8def57c9adfa04174d0730139303fb9a1
hash: ab0eb4dbc78441868951a03d0cc639ec8eaf2e8d
hash: ab6557c3b350facfef4abbd351365368e38017c5
hash: ac1bf32b2ebe1cb70622fa3fdc65a066001e16e4
hash: ad14acc3862e0ef5a096d6f744358131a8be0fae
hash: ad5869daa3a63889f953158f84e0f1a99de2c516
hash: ad77ae6f47d60a5218d5fcab7fcd0fc7ddfc5d44
hash: ae33843dfe79475f3f58374a16eec7b175392d3b
hash: ae908e3dab4a228b03b2e32156ace35e7bad79ce
hash: af925a1604b0aed3c72c75a9c001082a079ec523
hash: b146df7b3b0b162e2d5e4aa9cdffce21c854b541
hash: b179f7979143d2ce07f3837099fd2940506d4f12
hash: b1f3ad0a7e4b8173baf9866d39807ceab0fa4ffe
hash: b269c1d6c4e2aea61ee7d8358e2f1a2408adf7df
hash: b314482e6346be36a4fae3a965dc4d21be5af020
hash: b42b7fb966498104e726eb675065a7590d765aa8
hash: b730bd077801f57a7e827ea00ec7fd964dfbaf7b
hash: b7fa31a6da1c95e599ce3078404b3efa4668a6bb
hash: b84bb9c557f5fa4168b09d93119b074d40df2d6b
hash: b96561eacb62a8d1b34d2b4fc037b00b04bb0c4f
hash: b9702d3ca9894f2cab51de43901b7f4c4a658eab
hash: ba79071ba7628916b4ced6ccb93d7fba82272f9a
hash: bae1bf585ed8abd948f7b2a0f337da4d1a31b5e5
hash: bcf22c449c1dadef96bc6042bcc18d20b4db2965
hash: bd2d6aa6ed5f3e394ea651693b6b9c28058ab370
hash: be8590abce6219aa6581df3d9411ecbbaa73e692
hash: c1f03e0e76ddce47826572a91865a946fdf01204
hash: c3a3978e874a377b5bb251a2267b11cf6dfe201b
hash: c53b91501151fa4bb820456b5ea1253cffb5070a
hash: c6249d3c4ea9dfbef0156c4dcf3999b0274ef270
hash: c70c8fec3387e5f32a798c0f697ce72df45b2b0c
hash: c71993c4c1e92a88059d1a278e29968af3aa84b2
hash: c789b6cc93f298cf7cce2975b53a970c9c5ee3bf
hash: c9d40e5f7effe57a16e6dfaef8aace617c82bd31
hash: caefe957befb93e0d20e9d1b4a114c574321be89
hash: cceca9475b29b0afe273fe1e00332e7d3ec52552
hash: cdb2b23a7cfe9b8776e757d67f094bbfebc02de3
hash: cdcfd4f8dfd5b815eed2b328899d1e55d8d6582d
hash: ce8060e2401ca49e9445122f57b467c07b8e4686
hash: ce9d108c0d0bf5a75c965b4cb04cb38b786108d4
hash: cf7c56e73b9dd670b500ae5d50f6d37a633794d1
hash: cfce69a52a25fd4924892dc1a1838bb196c1e3e8
hash: cfd72a92e2ddec0954dd43df5c06fe702673e606
hash: d11e9df40727d3ae453309c681654f07701a44e1
hash: d14d888744c49f7a7e67e5abc0955ccec2fc31b0
hash: d37d28a7dad9fab49b701ae734070cebcd2a2cb8
hash: d3af0cd42892e7075c31be4fd08271640c91ab90
hash: d53651fdc3a0c3cf42b83b3d20327be3b810aff0
hash: d685d34f929d1127a2f53b82435e1e1a81af8ce8
hash: d8447113afb073a363aebaeea377b3d0a151f65c
hash: d933d97e6725132ac717da4d21e3043d6406c8a8
hash: d9357152d648bcd9f83c4bd66e22187437f19d3a
hash: d93fc7c8b82719f0538ee33102fba689e562187e
hash: d9998997d0186467de88c41308df1351d64825d1
hash: dac0bfc8b9983ff1bff649d1648c8f9e30c8cb68
hash: dad2d61356bd57d7212e81d1f1b47f5153300e07
hash: dad97925ad91943de87879b00ec45be1ab6c29da
hash: dc4a4579cf784be3bba98a1ab2dd08d0c00a4cb1
hash: dd6c262538f5452a0dd343ce05eff7d0b463bbdf
hash: dee343519ad4a9b6c8a7be36b2c9c95a17a3a347
hash: e0b041f5ce0e4458782734dba455cc7c22927cbf
hash: e0fe2ab98dfad287feb9b08adfcf7ea6632e7c76
hash: e1627ed04f36c396f8d3a80ba2211429934b1e49
hash: e1d399818a2960b83184934e9c2f431e53fb88bc
hash: e400bb72044383747165f6a3d46fd85b4dfa0c52
hash: e43ad112bda98d4bd8c8c247cb37110d6e56a7a1
hash: e7f7b50b8eb4d52d60e33b2753c969518db223ae
hash: e8bb49debb66c90f3c82e1e2102b423889eb4560
hash: e9f602c7d6fd21b1a3e8d717a909f1419e778ab5
hash: ec381ffa97255fe6fe32f3e1c4cca0876b1c17c8
hash: ec49820ad8ac06a60300ac77a0d0d444f2e07269
hash: ed3525c36d61601a36e6f5908f1103ed397f111e
hash: ed4ff3cc664afea95b072af39b750e8bf6e4d7dc
hash: edbabb8d170d795ed9b7452e4f895e3d658f1868
hash: ef5f6cf6c7869ee6f2cb46430e0e9e9dc0a60376
hash: efa8335bad0bf75a130f61f7944d86ab253cba42
hash: f0ccc91433b7e6b6d47d9813cf6d9d86a9a28baf
hash: f12a2492385d382c11133c37265e4c3082f3b018
hash: f15759160ee919a9f41c6adc7f68937fe8fa879f
hash: f1936d99858a7facd6ee922073479a606844522b
hash: f235cb9abde5e88fa647f4b41370c84e56ce3099
hash: f39470c88f34fb639d291b59db595b1ab19a2900
hash: f3a028991baf032ddcb62f03276f030875675e13
hash: f3cbf93b861770bf88cbfb21018adaf89b853c47
hash: f48be90c73ddb5a0e273d4012ae20350495314ab
hash: f7fa8e5b4cebb4f83b3a15b8bc72251094785eee
hash: f80239f9376dfe08c35756910caadd49eaeae300
hash: f81607d4db058c20c5441f8a11b56c5190feae89
hash: f92a7fa4650d13b86693f32631ef4b6108f00125
hash: f9e34ab400bac027b10d1262966e66fbdea7751b
hash: fc6587c6b75c5a0ca4cf9ebd6ee1c01ac13ebb6b
hash: fd9de8e9ea59d972e9f0e63a6c3acbca03a7e5cb
hash: fe057c5e80b78a81f0f579b39a9cb11d78fd90a2
hash: fe977e8a2a03396d1a057a30cb02db88811573f5
hash: ff9a074df4c5f96c728aab29e3710fc31183694b

Source: AlienVault OTX General

Published: Wed Dec 17 2025

NuGet malware targets crypto wallets, OAuth tokens

Medium

Campaignnuget homoglyphs supply chain attack oauth netherеum.all coinbase.net.api googleads.api version bumping cryptocurrency wallet stealer t1036.005 t1204.002 t1055 t1185 t1588.001 t1552.001 t1528 t1588.002 t1056.004

Published: Wed Dec 17 2025 (12/17/2025, 21:22:37 UTC)

Source: AlienVault OTX General

Description

AI-Powered Analysis

AILast updated: 12/17/2025, 23:27:06 UTC

Technical Analysis

Potential Impact

Mitigation Recommendations

Affected Countries

Need more detailed analysis?Get Pro

Pro Feature

For access to advanced analysis and higher rate limits, contact root@offseq.com

Technical Details

Author: AlienVault
Tlp: white
References: ["https://www.reversinglabs.com/blog/nuget-malware-crypto-oauth-tokens"]
Adversary: null
Pulse Id: 69431f1d8da9595abdfc9c20
Threat Score: null

Indicators of Compromise

Hash

Value	Description	Copy
hash03ff8f5352e42dbb0f2e60ae9bc36b27c35860b3	—
hash05a29102d2769834b87cf8505cf64fb910625d1e	—
hash0655cdd206703064b2dfdda44393295f4e380bec	—
hash08aeac51c5af03a3dd769d339fb8a4b08729a4de	—
hash0907e15fceae4ac81383ea576a44b71ed1a9643a	—
hash09618bc8f2dde467890403b5ad71ab8349dd7339	—
hash0a70ea53f4ade70ce2616522ffb601ee1778c0ea	—
hash0ad97d12add68d0e998d40d69c9e4b189f4a9588	—
hash0b267bc5cbba9a96b3c7ecf56222776fccf8d13e	—
hash0efe44b572d3fd481cb16a47dd3b7516c104d4d2	—
hash10094b31992f597142dff3a01b16874459ca9d4b	—
hash10206b3d71e972a415c26d8275080a2b1d91554d	—
hash10e6d3c4bc327409b7f2af76be4153dbe470e0af	—
hash1128c17ebe42617d75277987b384a6a15f1d7000	—
hash11c46b9a5235b24370dec636e0bc2f8d8cfbc0ba	—
hash130b16b10b1e6a5e235097630f9b8fa2251fb7ce	—
hash14a567ef4b0c4cc480056d951dcca6d3648c5a73	—
hash157c0f2d09621c37d638fcc42d9c6bc7107f018f	—
hash16553a6418a4035c5a3c5b66482fad3189039beb	—
hash169539b741d054a01e91707d8ac0008474785b58	—
hash174716911ef4bec98a2defd165a27eb4752e61ad	—
hash182de4f79db336e706391ef7a3431a5a4cbfde77	—
hash1876c5cc5cb5d8c10aab3d4b479e1561f3fd5e6a	—
hash18df861bbf1b00ce4046dce4d952be5bf6f3f825	—
hash19774417312a7204716176d86101a53e1ec7de83	—
hash1a8549071a86de50bb78f51ed3e5ebfcd4c3942b	—
hash1a9493f509371d9dc1056958337d7b74798f5661	—
hash1a986ac0865ee9c34227b049d3959e3de14a6509	—
hash1c0d4ecd29ea197b41cd65409b89d9b8620812fe	—
hash1c9bd2aed6739155d256981990cfa814ce0f77b6	—
hash1cde8da0dd07326657eba749806541b767d93aac	—
hash1cf71a5de91d7a90673b389a15cffdfb3915682d	—
hash1f6dbf2a29e85ee6b31d57004125d42b73e079b5	—
hash20c146f2205a96925b14f18059aca1ff38d5dcb8	—
hash232a17f920a526ea6ef57b854589f97faeb53994	—
hash232f619a8444cd8b484ece901accb45a6be2df1e	—
hash29c4f29a2c6d7929eba10301f6d861a5591cbe56	—
hash2a32919bffc04b3c4c124b8383f5eedad457c4d5	—
hash2ce05bc2380a97fca39f84c54fc14f8c9a26545a	—
hash2d1007c76962cac395abb38a20216b7b02feae4a	—
hash310cdb353ba2dda94989f65b20de4f67e0cff93a	—
hash316a9b6cd308d2de74cf3bfcf51e75919b71e8ea	—
hash32876e3127fbbd329ba10ff2e2844aa8d5205b29	—
hash32ea26acb233b573b3e4f1b874f9768d11751e38	—
hash345a8837b87936cedf37f62e4a2014481a4e0d24	—
hash34da48fa43e4325ed448f47bd4570079b320dd22	—
hash36276d55f741825d42eff099d4f79b9c1b19a5a6	—
hash3654ff5509d494b29f418b042c7c8a02fe46a127	—
hash37b17099788e0b5b3f7b5c4a9175c271f43bc1f2	—
hash3841005cd1aacc0ae8f8f5907d38daefd1582b20	—
hash385b8a72dbd18dae1b8e4e310fcdbb38ed288307	—
hash3b20663a3e8605c09c11842809d78cce829eb0ee	—
hash3c094cd90d2f83b1c4e3f0a391ef0871d2ffaf95	—
hash3da74f705246b95e07c5d459488e5f48befe10f7	—
hash3e29b26f141cfb7532b6cfb277f32c7191b4b915	—
hash3f98fb94b3268e9c6e2c6cad120d762bd2c136bb	—
hash3fe9db489407533718e6246c4a56994561326da7	—
hash4083896f0c74c87b8e951880b40b98edd0829abc	—
hash40cd8703d940c4f3fe880c7292a6b92a099a7f5e	—
hash456eecf8311491a242c0984918936d422185a881	—
hash457136952da8784d6c4cede431d816d99b60c327	—
hash461a9192674bdf2c29fa586cdb7c2cd733d66663	—
hash4697e60cc77722eb3e7567899fb4a6d56db2487d	—
hash476411c66c27227574a51466d44a05d14c5cf647	—
hash47fa246f312ae447fa3849a33644fbdc91c1b3c5	—
hash4a43f89ce32f3c4c7dedfbd782c2cb4d3834478c	—
hash4d21fbe0c099b9e21db89fef5d167ba6593265ec	—
hash4e38e286139bdb93d9760279171634745e1f531d	—
hash4eb148d83d9a3f5c1187a9d8d5a0e85459fa9c87	—
hash5149d3e9eda7ae65116d7e0780294191c153de5c	—
hash51c5304ac9cb69505bc6182d05b0aa18356d01c7	—
hash52620426caf465180318147db633f2ce26efe35d	—
hash527d443f1049fe6f23f406463b51f125816ae1c7	—
hash528adc0d2e7a6e1357aa3676a69bc43648f99776	—
hash52b078c85b5a76d8f97feb3701d9d6ff0de4e284	—
hash52fd4d3a3e1f62fdffb94d5745bb0a543a3ff780	—
hash53997fafbe623aa5bda1ea56db224c8d8827d860	—
hash53d099e308b65232f2a878730ce01af9b85ea08c	—
hash5469b29c9848b785d9f993973f0fc59dff993dcd	—
hash5558c729ce1d1b0a9b7d9567bfc825686d4d13cc	—
hash56da8268211cd9b3806e8ad4a3d9f6b017773872	—
hash575dc8c4e7fb9deb3826f546c442c0c96364a0d7	—
hash57ec7112931de3ce7ba4502e1fa5299ad148085d	—
hash5853de4cfbbbf9313d0c07ed5f54d00acc57cec8	—
hash5882be86bda0108432d74f8b00364ef57bf7864f	—
hash58e42f6d7762505f5ef7d70caee8fe4fb3e6939f	—
hash59ccbc15564036c46447e510b040e9f0b3d65fe4	—
hash5cefe3a11a27572136c1363f963b7d3205c47915	—
hash5d337ae9885c310d02512e4fbdd80d4012410c4b	—
hash5dd1ed264cede60268515aaa4fedb4bb7c39e1f0	—
hash5f52ae106239e4f38ba278f575216736a3541ae0	—
hash5fc1b9d3d1bfc8033cd22e59dc3b0e1084c2abb1	—
hash5fcaa9633c79ee0fe0b92d1a50e0c855a7a339ac	—
hash60a10913c7209c169c08cc95415501228ed6c190	—
hash61b9de7fcc3e50533afbe6684bfadc8a7a3116e4	—
hash62d0408d04580c9269f18efc5f6ef77b138d6c07	—
hash64b83f8346be100e472a1a98f96c5285a6781396	—
hash667422e49dd772521d98afdb5e3d1b28932ef92e	—
hash67b720c373f2f419c1a9dfa9076623676d0d9e9a	—
hash6911ebd9335115c217ad996c66d3cf283b03503d	—
hash6933371ae2bf4cf4fa5af8fb22b8d7a5afdf1334	—
hash6a46ddaa83ca62ba5051741b9c7d3ca0821b7592	—
hash6a482d405135104991292e75b1c1483463a3fc64	—
hash6aa4a534ced10e137992ff514fbdccc590032899	—
hash6ab4ea8808fbeca07b627d93b4623ed7a8c855f1	—
hash6b01128dd88845de610cbcc95b61930cefab5fdd	—
hash6e6416fe7df1febc384301d1e57d6d6d0fe419a5	—
hash70fd70c3b07899c472724e08af492c07fba02f4f	—
hash716142789814a181bd0b207e36255c0eacae3918	—
hash71f5b45a7ea86737fd83e7af3edc549244e1143a	—
hash73dcf1d461b0d2b3ebeee56c61458475e2c22575	—
hash746620fd7a2e95935afbe299ded82fd88c108ca7	—
hash746cfd19100f7c33e3c459d68fa98849bfb4774c	—
hash78aee77335e800a51d7bce8cfd8d7da272e32750	—
hash7a0304bbde9782b6a903c67b0ebc4684aff21692	—
hash7a39bf8e572fce19a18909f3d022b231e0e14eb7	—
hash7add61312ddd21f524c253a67ae2d85be4f99d19	—
hash7b5b190ca5778fa1d3116734c0cbc1ccdb883817	—
hash7ce96efdf37c1b98b7f801363dd4c639a46663a2	—
hash7dcf458ce124b1ef88ab456c052a5989c213818a	—
hash7e01e044c480c7e3647be88da1b8741e3304a561	—
hash7e55a5e24829ab196ff26f6d8ee40d2c9ff45343	—
hash82f96da4cf96d076848e7358f6dd24c089bbf5e2	—
hash83bf02af6b681182a274c0d60e35b5bf3cdcfefa	—
hash86819f74f2c0c97a69266cb0a17c63bb31b9651a	—
hash86b1d3712644631b1b363e74a393816646232816	—
hash87c22069e002f28cd5ae615c8d603b8e4c67a817	—
hash87c46a3997de4c5c8b51bab0e3b5021726237fac	—
hash88ffc7ec5175a136f34841af704c4b469548ec37	—
hash8a2ac011763b06aaf566d23892391e563bda7c36	—
hash8b1a06de6635be56009d8eec236bdad18734f9ab	—
hash8b264896adeca78c1bd653c288321800a16e1f95	—
hash8b53f692a1bbc0be65cfc161f0cf90c6be3c698e	—
hash8c69d88224b6b7a1e3069ad44e07dcf6c1fc9696	—
hash8e88e49530b464e5d22a03b57cd47b03d5af30d9	—
hash8ea2556c2e0b3a36acbaf6397977cd9888ebc222	—
hash8f812048e7471867c2322481a3c4ebdcbe9fb8d6	—
hash8fe92eb9e875a51629dd48660cf6d3fbbf28df01	—
hash901151376b9c44b8d25dfa55d9e35a6862bcd808	—
hash90a3fba12c7c394b5b6e60d68f5fc0dea8a1994f	—
hash90d272a5e53d9d128e826216742ab7e149055e72	—
hash916a5f26c3ae694620dd69c3d9c807907982aaf4	—
hash916ad2a01cef76047ef622e7701f79c671710202	—
hash92bc8caa5a736faaa9a576763cd8fa04ce627702	—
hash953491446afeb169c0247c3afe9df83ff1c3c860	—
hash96342bf9937286e863fb794ed3a74dd18e8dfc07	—
hash971715a2a50fd2ec54a50f2679fc4cbca2306fc0	—
hash9812aac1de9c57b006cb3355ec3cc1d879c8e3b6	—
hash9891b0fae7769adbe3fb986748d5dc84202169cc	—
hash991ba17dc340c3a33dded6199ee2529a06b41674	—
hash994a072c85febd71f65ca470b0fbf6fafce64b38	—
hash99a80f47cf5439877088c23b061331ddac8f346f	—
hash99b88373d48273c2a2d2e9ac4b4680f19312f3aa	—
hash9a020d9727e3ef215c5aba35e68ec420ce892d78	—
hash9a084686fb5dd62aefd59a9c8bddb07e8eb6fbe9	—
hash9a18401c7d8aff223c5b0cd7d4ee6a989afdbf63	—
hash9bef50f330c4f6bbd62897b320847418688afe10	—
hash9d3d7573979e22fb11da05db3ec004b18aae08d5	—
hash9fe95bc153e64854c8c3c11ff406f8df1db5b00c	—
hasha02ed8ef30323f3cdd54df42d564a035ab52317e	—
hasha16281e36ac1376268f90f8c9656dcafb02f418b	—
hasha301153605eee5a2ffb80728d9c8d4d122026e76	—
hasha3a8e75f7b6c66373a38820296f1837026988734	—
hasha3e7690e1af94641351aab1e2203674dcd5c768a	—
hasha3f3b9ce5e89ccb36de9566d4f12b0c495554a18	—
hasha4c70c1803b9a81f88c967b738c36830c8555a66	—
hasha5e35d3b9ef6766bac1d66103788c5595d47953c	—
hasha6a0452dded3a963fa403fc5ade9a89acf92bb74	—
hasha845202d5040185974d1a986eb42380d4c1662f6	—
hashaa23a65caddade19ade5c99122dff8a5bd5ec513	—
hashaa7f08a8def57c9adfa04174d0730139303fb9a1	—
hashab0eb4dbc78441868951a03d0cc639ec8eaf2e8d	—
hashab6557c3b350facfef4abbd351365368e38017c5	—
hashac1bf32b2ebe1cb70622fa3fdc65a066001e16e4	—
hashad14acc3862e0ef5a096d6f744358131a8be0fae	—
hashad5869daa3a63889f953158f84e0f1a99de2c516	—
hashad77ae6f47d60a5218d5fcab7fcd0fc7ddfc5d44	—
hashae33843dfe79475f3f58374a16eec7b175392d3b	—
hashae908e3dab4a228b03b2e32156ace35e7bad79ce	—
hashaf925a1604b0aed3c72c75a9c001082a079ec523	—
hashb146df7b3b0b162e2d5e4aa9cdffce21c854b541	—
hashb179f7979143d2ce07f3837099fd2940506d4f12	—
hashb1f3ad0a7e4b8173baf9866d39807ceab0fa4ffe	—
hashb269c1d6c4e2aea61ee7d8358e2f1a2408adf7df	—
hashb314482e6346be36a4fae3a965dc4d21be5af020	—
hashb42b7fb966498104e726eb675065a7590d765aa8	—
hashb730bd077801f57a7e827ea00ec7fd964dfbaf7b	—
hashb7fa31a6da1c95e599ce3078404b3efa4668a6bb	—
hashb84bb9c557f5fa4168b09d93119b074d40df2d6b	—
hashb96561eacb62a8d1b34d2b4fc037b00b04bb0c4f	—
hashb9702d3ca9894f2cab51de43901b7f4c4a658eab	—
hashba79071ba7628916b4ced6ccb93d7fba82272f9a	—
hashbae1bf585ed8abd948f7b2a0f337da4d1a31b5e5	—
hashbcf22c449c1dadef96bc6042bcc18d20b4db2965	—
hashbd2d6aa6ed5f3e394ea651693b6b9c28058ab370	—
hashbe8590abce6219aa6581df3d9411ecbbaa73e692	—
hashc1f03e0e76ddce47826572a91865a946fdf01204	—
hashc3a3978e874a377b5bb251a2267b11cf6dfe201b	—
hashc53b91501151fa4bb820456b5ea1253cffb5070a	—
hashc6249d3c4ea9dfbef0156c4dcf3999b0274ef270	—
hashc70c8fec3387e5f32a798c0f697ce72df45b2b0c	—
hashc71993c4c1e92a88059d1a278e29968af3aa84b2	—
hashc789b6cc93f298cf7cce2975b53a970c9c5ee3bf	—
hashc9d40e5f7effe57a16e6dfaef8aace617c82bd31	—
hashcaefe957befb93e0d20e9d1b4a114c574321be89	—
hashcceca9475b29b0afe273fe1e00332e7d3ec52552	—
hashcdb2b23a7cfe9b8776e757d67f094bbfebc02de3	—
hashcdcfd4f8dfd5b815eed2b328899d1e55d8d6582d	—
hashce8060e2401ca49e9445122f57b467c07b8e4686	—
hashce9d108c0d0bf5a75c965b4cb04cb38b786108d4	—
hashcf7c56e73b9dd670b500ae5d50f6d37a633794d1	—
hashcfce69a52a25fd4924892dc1a1838bb196c1e3e8	—
hashcfd72a92e2ddec0954dd43df5c06fe702673e606	—
hashd11e9df40727d3ae453309c681654f07701a44e1	—
hashd14d888744c49f7a7e67e5abc0955ccec2fc31b0	—
hashd37d28a7dad9fab49b701ae734070cebcd2a2cb8	—
hashd3af0cd42892e7075c31be4fd08271640c91ab90	—
hashd53651fdc3a0c3cf42b83b3d20327be3b810aff0	—
hashd685d34f929d1127a2f53b82435e1e1a81af8ce8	—
hashd8447113afb073a363aebaeea377b3d0a151f65c	—
hashd933d97e6725132ac717da4d21e3043d6406c8a8	—
hashd9357152d648bcd9f83c4bd66e22187437f19d3a	—
hashd93fc7c8b82719f0538ee33102fba689e562187e	—
hashd9998997d0186467de88c41308df1351d64825d1	—
hashdac0bfc8b9983ff1bff649d1648c8f9e30c8cb68	—
hashdad2d61356bd57d7212e81d1f1b47f5153300e07	—
hashdad97925ad91943de87879b00ec45be1ab6c29da	—
hashdc4a4579cf784be3bba98a1ab2dd08d0c00a4cb1	—
hashdd6c262538f5452a0dd343ce05eff7d0b463bbdf	—
hashdee343519ad4a9b6c8a7be36b2c9c95a17a3a347	—
hashe0b041f5ce0e4458782734dba455cc7c22927cbf	—
hashe0fe2ab98dfad287feb9b08adfcf7ea6632e7c76	—
hashe1627ed04f36c396f8d3a80ba2211429934b1e49	—
hashe1d399818a2960b83184934e9c2f431e53fb88bc	—
hashe400bb72044383747165f6a3d46fd85b4dfa0c52	—
hashe43ad112bda98d4bd8c8c247cb37110d6e56a7a1	—
hashe7f7b50b8eb4d52d60e33b2753c969518db223ae	—
hashe8bb49debb66c90f3c82e1e2102b423889eb4560	—
hashe9f602c7d6fd21b1a3e8d717a909f1419e778ab5	—
hashec381ffa97255fe6fe32f3e1c4cca0876b1c17c8	—
hashec49820ad8ac06a60300ac77a0d0d444f2e07269	—
hashed3525c36d61601a36e6f5908f1103ed397f111e	—
hashed4ff3cc664afea95b072af39b750e8bf6e4d7dc	—
hashedbabb8d170d795ed9b7452e4f895e3d658f1868	—
hashef5f6cf6c7869ee6f2cb46430e0e9e9dc0a60376	—
hashefa8335bad0bf75a130f61f7944d86ab253cba42	—
hashf0ccc91433b7e6b6d47d9813cf6d9d86a9a28baf	—
hashf12a2492385d382c11133c37265e4c3082f3b018	—
hashf15759160ee919a9f41c6adc7f68937fe8fa879f	—
hashf1936d99858a7facd6ee922073479a606844522b	—
hashf235cb9abde5e88fa647f4b41370c84e56ce3099	—
hashf39470c88f34fb639d291b59db595b1ab19a2900	—
hashf3a028991baf032ddcb62f03276f030875675e13	—
hashf3cbf93b861770bf88cbfb21018adaf89b853c47	—
hashf48be90c73ddb5a0e273d4012ae20350495314ab	—
hashf7fa8e5b4cebb4f83b3a15b8bc72251094785eee	—
hashf80239f9376dfe08c35756910caadd49eaeae300	—
hashf81607d4db058c20c5441f8a11b56c5190feae89	—
hashf92a7fa4650d13b86693f32631ef4b6108f00125	—
hashf9e34ab400bac027b10d1262966e66fbdea7751b	—
hashfc6587c6b75c5a0ca4cf9ebd6ee1c01ac13ebb6b	—
hashfd9de8e9ea59d972e9f0e63a6c3acbca03a7e5cb	—
hashfe057c5e80b78a81f0f579b39a9cb11d78fd90a2	—
hashfe977e8a2a03396d1a057a30cb02db88811573f5	—
hashff9a074df4c5f96c728aab29e3710fc31183694b	—

Threat ID: 69433981058703ef3fd4727f

Added to database: 12/17/2025, 11:15:13 PM

Last enriched: 12/17/2025, 11:27:06 PM

Last updated: 12/18/2025, 12:21:54 PM

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by

Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Related Threats

UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager

Medium

CampaignWed Dec 17 2025

Actions

PRO

Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.

Please log in to the Console to use AI analysis features.

External Links

Search on Google

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

NuGet malware targets crypto wallets, OAuth tokens

AI Analysis

Technical Summary

Potential Impact

Mitigation Recommendations

Affected Countries

Indicators of Compromise

NuGet malware targets crypto wallets, OAuth tokens

Description

AI-Powered Analysis

Technical Analysis

Potential Impact

Mitigation Recommendations

Affected Countries

Technical Details

Indicators of Compromise

Hash

Community Reviews

Related Threats

UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager

BlueDelta’s Persistent Campaign Against UKR.NET

GachiLoader: Defeating Node.js Malware with API Tracing

From Linear to Complex: An Upgrade in RansomHouse Encryption

A new campaign by the ForumTroll APT group

Actions

External Links

Need enhanced features?

Latest Threats

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility