Ailurophile Stealer
Sept. 9, 2024, 9:52 a.m.
Tags
External References
Description
This analysis examines a newly identified threat dubbed 'Ailurophile Stealer,' malware designed to compromise victims' systems by extracting sensitive browser data, including stored credentials, cookies, and browsing history. The stealer uses techniques such as placing malicious files in startup folders, collecting browser information, loading essential DLLs, and establishing command-and-control communication. Discovered on GitHub, the threat actor promotes its distribution through a referral program and a web panel for malware generation, and likely operates from Vietnam. The malware poses a significant risk by efficiently exfiltrating data while maintaining remote control.
Date
Published: Sept. 9, 2024, 9:26 a.m.
Created: Sept. 9, 2024, 9:26 a.m.
Modified: Sept. 9, 2024, 9:52 a.m.
Indicators
5508e6e9f62af269f48301f4149cabfb7d421b39d94559ae88a96dc88ddf7501
4d38d7c7161ccb08998f90079a565f32a296f1bf404001b9e6bbc4d4558d53fd
103.252.123.135
Attack Patterns
Ailurophile Stealer
Ailurophile Stealer threat actor
T1217
T1588.001
T1592.002
T1008
T1185
T1218.011
T1059.001
T1071.001
T1573
T1486
T1105
T1041