BLX STEALER
Sept. 11, 2024, 8:24 a.m.
Tags
External References
Description
Identified as a sophisticated dropper binary designed to deploy an information stealer dubbed BLX Stealer or XLABB Stealer, this malware has been actively promoted on Telegram and Discord platforms. It targets credentials, browser data, cryptocurrency wallets, and other sensitive personal information. The malware is available in both free and premium versions, with the latter offering enhanced capabilities like full undetectability. It can steal browser passwords, gaming accounts, cryptocurrency wallet details, and ensure persistence by dropping its payload in the startup folder, allowing it to survive system reboots.
Date
Published: Sept. 11, 2024, 8:05 a.m.
Created: Sept. 11, 2024, 8:05 a.m.
Modified: Sept. 11, 2024, 8:24 a.m.
Indicators
e74dac040ec85d4812b479647e11c3382ca22d6512541e8b42cf8f9fbc7b4af6
d3da2061327b09f1eba1b9d5db0c61db24b9f6b13bae96510bb791057067ab34
8c4daf5e4ced10c3b7fd7c17c7c75a158f08867aeb6bccab6da116affa424a89
5b46be0364d317ccd66df41bea068962d3aae032ec0c8547613ae2301efa75d6
32abb4c0a362618d783c2e6ee2efb4ffe59a2a1000dadc1a6c6da95146c52881
Attack Patterns
XLABB Stealer
BLX Stealer