← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Fake Blockchain Games Deliver RedLine Stealer & Realst Stealer - A New macOS Infostealer Malware - Malware research
WHITE dekaRituraj 2023-07-26 Modified: 2023-08-25
241
IOCs
HIGH VOLUME
johnsmithwebmachofq4444execution chainsha256redline stealerhttpspost requestjohnsmithprborderlauncherclickredlinediscordpythonopencommentstealerchatsteamfalsedownloadhelloaprileasynsisjamesjohncodeinstallrustpathmozilla
Indicators of Compromise (40 / 241 total)
All URL FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain hostname
TYPEINDICATORDESCRIPTIONCREATED
URL https://drunk-robots.com/ 2023-07-26
URL http://167.172.103.83:8080/analytics 2023-07-26
URL http://167.172.103.83:8080/opened 2023-07-26
URL http://212.113.116.143:23052 2023-07-26
URL http://212.113.116.143:29996 2023-07-26
URL http://212.113.116.143:46628 2023-07-26
URL http://77.91.84.110:5000/opened 2023-07-26
URL http://77.91.84.110:5000/send_analytics 2023-07-26
URL http://77.91.84.110:8000/analytics 2023-07-26
URL http://77.91.84.110:8000/opened 2023-07-26
URL http://78.153.130.209:29996 2023-07-26
URL http://cdn.olympreptiles.com/launcher.php 2023-07-26
URL http://evoliongame.com/Evolion%20Launcher.exe 2023-07-26
URL http://evoliongame.com/Evolion.rar 2023-07-26
URL http://evoliongame.com/Evolion\/Evolion%20Launcher.exe 2023-07-26
URL http://launchersgame.eu-4.evennode.com/getbytes/d 2023-07-26
URL http://olympreptiles.com/check.php 2023-07-26
URL http://olympreptiles.com/download.php 2023-07-26
URL http://pearlapi.eu-4.evennode.com/bytes 2023-07-26
URL http://pearlmetaverse.io/ 2023-07-26
URL http://sandersrocketaa.eu-4.evennode.com/getbytes/g 2023-07-26
URL https://api.db-ip.com/v2/free/self 2023-07-26
URL https://brawlearth.com/linktree/ 2023-07-26
URL https://dawnland2.eu-4.evennode.com/bytes 2023-07-26
URL https://evoliongame.com/Evolion.sfx.exe 2023-07-26
URL https://goldmand.io/ 2023-07-26
URL https://guardians-game.com/api.php 2023-07-26
URL https://guardians-game.com/api.php' 2023-07-26
URL https://guardians-game.com/message.php 2023-07-26
URL https://guardians-game.com/message.php' 2023-07-26
URL https://hyperspace.xyz/collection/playdestruction 2023-07-26
URL https://launchersgame.eu-4.evennode.com/getbytes/d 2023-07-26
URL https://peallandik.eu-4.evennode.com/bytes 2023-07-26
URL https://pearlapi.eu-4.evennode.com/bytes 2023-07-26
URL https://playdestruction.com/api.php 2023-07-26
URL https://sandersrocketaa.eu-4.evennode.com/getbytes/g 2023-07-26
URL https://wp.olympreptiles.com/olymp-of-reptiles-whitepaper/introduction/olymp-of-reptiles 2023-07-26
URL https://www.avania.io/ 2023-07-26
URL https://www.caveworld.com/ 2023-07-26
URL https://www.tearingspaces.com/ 2023-07-26
References (1)
↗ https://iamdeadlyz.gitbook.io/malware-research/july-2023/fake-blockchain-games-deliver-redline-stealer-and-realst-stealer-a-new-macos-infostealer-malware#iocs