The Will of D: A Deep Dive into Divulge Stealer, Dedsec Stealer, and Duck Stealer

Oct. 21, 2024, 10:54 a.m.

Description

This analysis examines three emerging malware threats: Divulge Stealer, DedSec Stealer, and Duck Stealer. These stealers, often promoted on platforms like GitHub and Telegram, target browser data, game information, and sensitive personal details. Divulge Stealer, a successor to Umbral Stealer, features anti-VM capabilities and targets multiple browsers and cryptocurrency wallets. DedSec Stealer, a copy of Doenerium, employs similar evasion techniques and focuses on stealing various types of data. Duck Stealer, identified as AZStealer, shares functionalities with the others, including anti-VM features and extensive cryptocurrency wallet targeting. The analysis highlights the interconnected nature of these threats and their potential impact on users and organizations.

External References

https://www.cyfirma.com/research/the-will-of-d-a-deep-dive-into-divulge-stealer-dedsec-stealer-and-duck-stealer/
https://otx.alienvault.com/pulse/671632274cd6fde9de79aec3
Tags
infostealer
cryptocurrency
browser data theft
2024-10-21
anti-vm
doenerium
divulge stealer
umbral stealer
duck stealer
azstealer
dedsec stealer

Date

  • Created: Oct. 21, 2024, 10:51 a.m.
  • Published: Oct. 21, 2024, 10:51 a.m.
  • Modified: Oct. 21, 2024, 10:54 a.m.

Indicators

  • a2b284d185326ef5a6031fd2278302a715181989230b54f9e4e4d79545a0dde7
  • 5dd0d74ce7e044c93ae79a7d5a66e1a1cd2a8c838c89e19f67279ab91dc19bd9
  • 051829813ea3c66e37f184bbfaa2fa3d8752abbfa4828fa5847f1986ae461e3c
Download all indicators here!

Attack Patterns

  • AZStealer
  • Duck Stealer
  • Umbral Stealer
  • DedSec Stealer
  • Divulge Stealer
  • Doenerium