MINT STEALER: Running by a BulletProof Hoster
Essential information
- Published: 16/08/2024 13:53
- Modified: 16/08/2024 14:21
- Tags: 2024-08-16 cash ransomware mint stealer python
- Related entities: 20 observables, 1 intrusion set (apt), 20 techniques (mitre), 3 malware, 8 others
Description
This article provides an analysis of the Mint Stealer, a Python-based information stealer capable of harvesting sensitive data from infected machines. It delves into the stealer's functionality, history, and the infrastructure behind its operations, including its link to a bulletproof hosting service called Cash Hosting run by a threat actor known as 'Artem.' The analysis covers the offensive services offered by Artem, such as Cash RAT, Cash Ransomware, and Amail Hosting, as well as the malware's code analysis, attack vectors, and indicators of compromise (IOCs).