Cybercriminal Campaign Spreads Infostealers, Highlighting Risks to Web3 Gaming
Common Information
Type Value
UUID b08dcc48-eab8-4fca-9486-be5d9647dde2
Fingerprint 011418371d9cb7591535d785b7f7117ec6d5ad1705a7230e23c0d30c51a58932
Analysis status DONE
Considered CTI value 2
Text language
Published May 10, 2024, 9:51 a.m.
Added to db June 2, 2024, 10:14 a.m.
Last updated Aug. 31, 2024, 7:44 a.m.
Headline Cybercriminal Campaign Spreads Infostealers, Highlighting Risks to Web3 Gaming
Title Cybercriminal Campaign Spreads Infostealers, Highlighting Risks to Web3 Gaming
Detected Hints/Tags/Attributes 162/4/150
Attributes
Details Type #Events CTI Value
Details Autonomous System Number 4
AS210352
Details File 1
astration.dmg
Details File 1
astration.exe
Details File 1
f95721327cee196f.php
Details File 13
1.png
Details File 1
elevate.exe
Details File 174
index.js
Details File 156
package.json
Details File 7
preload.js
Details File 32
start.bat
Details File 816
index.html
Details File 74
main.js
Details File 62
script.js
Details File 4
testload.py
Details File 104
sqlite3.dll
Details File 44
freebl3.dll
Details File 51
mozglue.dll
Details File 51
msvcp140.dll
Details File 71
nss3.dll
Details File 41
softokn3.dll
Details File 69
vcruntime140.dll
Details File 208
setup.exe
Details File 1
5f550f6a2f.php
Details File 3
launcher.dmg
Details File 57
installer.exe
Details MITRE ATT&CK Techniques 75
T1001
Details MITRE ATT&CK Techniques 534
T1005
Details MITRE ATT&CK Techniques 501
T1012
Details MITRE ATT&CK Techniques 627
T1027
Details MITRE ATT&CK Techniques 422
T1041
Details MITRE ATT&CK Techniques 480
T1053
Details MITRE ATT&CK Techniques 433
T1057
Details MITRE ATT&CK Techniques 695
T1059
Details MITRE ATT&CK Techniques 444
T1071
Details MITRE ATT&CK Techniques 1006
T1082
Details MITRE ATT&CK Techniques 550
T1112
Details MITRE ATT&CK Techniques 99
T1132.001
Details MITRE ATT&CK Techniques 60
T1202
Details MITRE ATT&CK Techniques 420
T1204
Details MITRE ATT&CK Techniques 106
T1204.001
Details MITRE ATT&CK Techniques 365
T1204.002
Details MITRE ATT&CK Techniques 238
T1497
Details MITRE ATT&CK Techniques 99
T1539
Details MITRE ATT&CK Techniques 113
T1552
Details MITRE ATT&CK Techniques 89
T1552.001
Details MITRE ATT&CK Techniques 298
T1562.001
Details MITRE ATT&CK Techniques 409
T1566
Details MITRE ATT&CK Techniques 82
T1583.001
Details MITRE ATT&CK Techniques 21
T1583.006
Details MITRE ATT&CK Techniques 22
T1583.008
Details MITRE ATT&CK Techniques 9
T1585.001
Details MITRE ATT&CK Techniques 56
T1587
Details MITRE ATT&CK Techniques 16
T1589.001
Details MITRE ATT&CK Techniques 16
T1592.002
Details MITRE ATT&CK Techniques 16
T1657