Fake Atomic Wallet Website Distributing Mars Stealer
Tags
cmtmf-attack-pattern: Obfuscated Files Or Information
maec-delivery-vectors: Watering Hole
attack-pattern: Data Credentials - T1589.001 Credentials From Password Stores - T1555 Hide Artifacts - T1564 Malware - T1587.001 Malware - T1588.001 Obfuscated Files Or Information - T1406 System Information Discovery - T1426 Multi-Factor Authentication - T1556.006 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Steal Application Access Token - T1528 Steal Application Access Token - T1635 Steal Web Session Cookie - T1539 Unsecured Credentials - T1552 Browser Extensions - T1176 Exfiltration Over Command And Control Channel - T1041 Obfuscated Files Or Information - T1027 Powershell - T1086 System Information Discovery - T1082 User Execution - T1204 User Execution
Show in Graph
Common Information
Type Value
UUID 4eb69d66-d411-427d-9df2-55011072e831
Fingerprint fca61012bfb3bbc8
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 2, 2022, midnight
Added to db Oct. 24, 2023, 1:42 p.m.
Last updated Nov. 18, 2024, 2:35 a.m.
Headline Fake Atomic Wallet Website Distributing Mars Stealer
Title Fake Atomic Wallet Website Distributing Mars Stealer
Detected Hints/Tags/Attributes 71/3/26
Source URLs
Redirection Url
Details Redirection https://blog.cyble.com/2022/08/02/fake-atomic-wallet-website-distributing-mars-stealer/
Details Source https://cyble.com/blog/fake-atomic-wallet-website-distributing-mars-stealer/
URL Provider
Details Provider Source level domain
Details cyble.com cyble.com
Details cyble.com blog.cyble.com
Attributes
Details Type #Events CTI Value
Details Domain 1 
atomic-wallet.net
Details Domain 318 
bit.ly
Details Domain 3 
wallet.zip
Details File 2 
wallet.zip
Details File 1 
atomicwallet-setup.bat
Details File 1209 
powershell.exe
Details File 1 
atomicwallet_setup.bat
Details md5 1 
3004914cdfa67357410e6f0c9a091655
Details md5 1 
10f0d3a64949a6e15a9c389059a8f379
Details sha1 1 
dfdbb09661ee90ad4e88e7b0510653c93485a4b2
Details sha1 1 
0f6e3442c67d6688fae5f51b4f60b78cd05f30df
Details sha256 1 
33d0d9fe89f0dba2b89347a0e2e6deb22542476d98676187f8c1eb529cb3997f
Details sha256 1 
10afe233525aaf99064e4e444f11a8fc01f8b9f508e4f123fd76b314a6d360f9
Details MITRE ATT&CK Techniques 409 
T1566
Details MITRE ATT&CK Techniques 420 
T1204
Details MITRE ATT&CK Techniques 107 
T1564
Details MITRE ATT&CK Techniques 627 
T1027
Details MITRE ATT&CK Techniques 172 
T1555
Details MITRE ATT&CK Techniques 99 
T1539
Details MITRE ATT&CK Techniques 113 
T1552
Details MITRE ATT&CK Techniques 40 
T1528
Details MITRE ATT&CK Techniques 1006 
T1082
Details MITRE ATT&CK Techniques 422 
T1041
Details Url 1 
http://atomic-wallet.net
Details Url 1 
https://bit.ly/3prdyh8
Details Url 1 
https://atomic-wallet.net