Gomorrah Stealer: An In-Depth Analysis of a .NET-Based Malware

Sept. 16, 2024, 9:57 a.m.

Description

This comprehensive report analyzes Gomorrah Stealer, a sophisticated malware designed to exfiltrate sensitive information from compromised systems. It operates within a malware-as-a-service framework and targets data from web browsers, cryptocurrency wallets, VPNs, and configuration files. The stealer employs advanced evasion techniques, establishes persistence, and uploads stolen data to a remote server. The analysis explores the malware's functionality, data collection processes, anti-analysis measures, and overall impact, providing valuable insights into this evolving threat.

Date

Published: Sept. 16, 2024, 9:52 a.m.

Created: Sept. 16, 2024, 9:52 a.m.

Modified: Sept. 16, 2024, 9:57 a.m.

Indicators

Attack Patterns

Gomorrah Stealer

Lucifer