PULSE NAME
MINT STEALER: Running by a BulletProof Hoster
WHITE Artem AlienVault 2024-08-16 Modified: 2024-09-15
30 IOCs, MEDIUM VOLUME
This article provides an analysis of the Mint Stealer, a Python-based information stealer capable of harvesting sensitive data from infected machines. It delves into the stealer's functionality, history, and the infrastructure behind its operations, including its link to a bulletproof hosting service called Cash Hosting run by a threat actor known as 'Artem.' The analysis covers the offensive services offered by Artem, such as Cash RAT, Cash Ransomware, and Amail Hosting, as well as the malware's code analysis, attack vectors, and indicators of compromise (IOCs).
Indicators of Compromise (6 / 30 total)