Malware analysis report: Stealc stealer - part 2
Malware Analysis, News and Indicators - Latest topics malware.news
We continue to publish our analysis report of Stealc, an information stealer promoted by its supposed developer Plymouth on Russian-language underground forums and sold as malware as a service since January 9, 2023.
In this part we analyse the stealer's exfiltration of system information and its downloader logic.
Download Browsers Configurations:
Inside sub_0x403D5F() (renamed to mw_Download_1()), Stealc will again ask the C2 to feed it some configuration to be used in stealth behavior; it will do the same steps …