MintsLoader: StealC and BOINC Delivery
Essential information
- Published
- 20/01/2025 11:09
- Modified
- 20/01/2025 11:47
- Tags
- 2025-01-20 boinc information stealer mintsloader stealc
- Related entities
- 68 observables, 18 techniques (mitre), 3 malware, 3 others
Description
The eSentire Threat Response Unit identified a campaign involving MintsLoader, a PowerShell-based malware loader, delivering payloads like Stealc and BOINC client. MintsLoader uses a Domain Generation Algorithm and anti-VM techniques to evade detection. The infection process begins with a spam email link downloading a JScript file, which then executes PowerShell commands to retrieve and execute the malware stages. StealC, an information stealer, is delivered as the final payload, targeting sensitive data from browsers, applications, and crypto-wallets. The campaign affected organizations in the US and Europe, primarily in the Electricity, Oil & Gas, and Legal Services industries.