PULSE NAME
MINT STEALER: Running by a BulletProof Hoster
WHITE Artem AlienVault 2024-08-16 Modified: 2024-09-15
MEDIUM VOLUME
This article provides an analysis of the Mint Stealer, a Python-based information stealer capable of harvesting sensitive data from infected machines. It delves into the stealer's functionality, history, and the infrastructure behind its operations, including its link to a bulletproof hosting service called Cash Hosting run by a threat actor known as 'Artem.' The analysis covers the offensive services offered by Artem, such as Cash RAT, Cash Ransomware, and Amail Hosting, as well as the malware's code analysis, attack vectors, and indicators of compromise (IOCs).
Indicators of Compromise (30)