Python InfoStealer With Dynamic Sandbox Detection, (Tue, Feb 20th)

Infostealers written in Python are not new. They also onboard a lot of sandbox detection mechanisms to prevent being executed (and probably detected) by automatic analysis. Last week, I found one that uses the same approach but in a different way. Usually, the scripts have a list of “bad stuff” to check like MAC addresses, usernames, processes, etc. These are common ways to detect simple sandboxes that are not well-hardened. This time, the “IOD” (Indicators Of Detection) list is stored …

analysis automatic bad detection dynamic found infostealer infostealers list lot python sandbox scripts week written