BLX STEALER
Sept. 11, 2024, 8:24 a.m.
Description
BLX Stealer, also known as XLABB Stealer, is an information stealer deployed by a sophisticated dropper binary and actively promoted on Telegram and Discord. It targets credentials, browser data, cryptocurrency wallets, and other sensitive personal information. The malware is available in both free and premium versions, with the latter offering enhanced capabilities like full undetectability. It can steal browser passwords, gaming accounts, and cryptocurrency wallet details, and it ensures persistence by dropping its payload in the startup folder, allowing it to survive system reboots.
Date
- Created: Sept. 11, 2024, 8:05 a.m.
- Published: Sept. 11, 2024, 8:05 a.m.
- Modified: Sept. 11, 2024, 8:24 a.m.
Indicators
Attack Patterns
- XLABB Stealer
- BLX Stealer