The Will of D: A Deep Dive into Divulge Stealer, Dedsec Stealer, and Duck Stealer
Oct. 21, 2024, 10:54 a.m.
Description
This analysis examines three emerging malware threats: Divulge Stealer, DedSec Stealer, and Duck Stealer. These stealers, often promoted on platforms like GitHub and Telegram, target browser data, game information, and sensitive personal details. Divulge Stealer, a successor to Umbral Stealer, features anti-VM capabilities and targets multiple browsers and cryptocurrency wallets. DedSec Stealer, a copy of Doenerium, employs similar evasion techniques and focuses on stealing various types of data. Duck Stealer, identified as AZStealer, shares functionalities with the others, including anti-VM features and extensive cryptocurrency wallet targeting. The analysis highlights the interconnected nature of these threats and their potential impact on users and organizations.
Date
Published: Oct. 21, 2024, 10:51 a.m.
Created: Oct. 21, 2024, 10:51 a.m.
Modified: Oct. 21, 2024, 10:54 a.m.
Indicators
a2b284d185326ef5a6031fd2278302a715181989230b54f9e4e4d79545a0dde7
5dd0d74ce7e044c93ae79a7d5a66e1a1cd2a8c838c89e19f67279ab91dc19bd9
051829813ea3c66e37f184bbfaa2fa3d8752abbfa4828fa5847f1986ae461e3c
Attack Patterns
AZStealer
Duck Stealer
Umbral Stealer
DedSec Stealer
Divulge Stealer
Doenerium
T1574.002
T1018
T1547.001
T1012
T1005
T1573
T1082
T1057
T1071
T1047
T1055
T1036
T1003
T1059