Unmasking the Dot Stealer
Malware Analysis, News and Indicators - Latest topics malware.news
Recently we came across a tweet about the DotStealer malware. On observing its behavior, we found that it steals user information such as user login and credit card data, along with system information such as the contents of the Desktop and Downloads folders. All of the stolen data is exfiltrated through a Telegram account.
Fig 1: Die_output
The sample in question is a 32-bit executable file compiled with .NET (v4.0.30319).
Fig 2: Entry point
At first malware finds the user’s username and …