all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Unmasking the Dot Stealer

Add to bookmarks
Feb. 8, 2024, 2:56 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Recently we came across a tweet about DotStealer malware, and on observing its behavior we found it to be stealing user information like User Login and Credit card data, along with system information such as the contents of Desktop and Downloads folder. All this stolen data is exfiltrated through a Telegram account.



Fig 1: Die_output 


The sample in question is a 32-bit executable file compiled with .NET(v4.0.30319) .



Fig 2: Entry point


At first malware finds the user’s username and …

account card credit credit card data desktop dot downloads exfiltrated folder found information login malware malware analysis stealer stealing stolen system telegram

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks 38 minutes ago | malware.news
advisory article blog compromised +21
Intel 471 Sets New Standard in Intelligence-Driven Threat Hunting 43 minutes ago | malware.news
actor advanced cyborg cyborg security +14
Linux Trojan - Xorddos with Filename eyshcjdmzg, (Mon, Apr 29th) 7 hours ago | malware.news
ddos dshield filename files +8
CISO Perspectives: Protecting Legacy Network Devices with ZTNA 10 hours ago | malware.news
attention aware ciso customers +20
London Drugs pharmacy closes all stores to respond to cyber incident 11 hours ago | malware.news
article canada closures cyber +11
HPE security advisory (AV24-232) 12 hours ago | malware.news
advisory article canadian canadian centre for cyber security +7
SonicWall security advisory (AV24-233) 12 hours ago | malware.news
advisory article canadian canadian centre for cyber security +7
Critical infrastructure cyberattacks pushed NSA to unmask thousands of U.S. identities through spying law 13 hours ago | malware.news
act critical critical infrastructure cyberattacks +14
Change Healthcare incident caused by compromised Citrix credentials 13 hours ago | malware.news
article ceo change change healthcare +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Professional Services Resident Consultant / Senior Professional Services Resident Consultant - AMS

@ Zscaler | Bengaluru, India
View on infosec-jobs.com

Head of Security, Risk & Compliance

@ Gedeon Richter Pharma GmbH | Budapest, HU
View on infosec-jobs.com

Unarmed Professional Security Officer - County Hospital

@ Allied Universal | Los Angeles, CA, United States
View on infosec-jobs.com

Senior Software Engineer, Privacy Engineering

@ Block | Seattle, WA, United States
View on infosec-jobs.com

Senior Cyber Security Specialist

@ Avaloq | Bioggio, Switzerland
View on infosec-jobs.com
View more jobs