Today > | 7 High | 24 Medium | 8 Low vulnerabilities   -   You can now download lists of IOCs here!

The Will of D: A Deep Dive into Divulge Stealer, Dedsec Stealer, and Duck Stealer

Oct. 21, 2024, 10:54 a.m.

Description

This analysis examines three emerging malware threats: Divulge Stealer, DedSec Stealer, and Duck Stealer. These stealers, often promoted on platforms like GitHub and Telegram, target browser data, game information, and sensitive personal details. Divulge Stealer, a successor to Umbral Stealer, features anti-VM capabilities and targets multiple browsers and cryptocurrency wallets. DedSec Stealer, a copy of Doenerium, employs similar evasion techniques and focuses on stealing various types of data. Duck Stealer, identified as AZStealer, shares functionalities with the others, including anti-VM features and extensive cryptocurrency wallet targeting. The analysis highlights the interconnected nature of these threats and their potential impact on users and organizations.

Date

Published: Oct. 21, 2024, 10:51 a.m.

Created: Oct. 21, 2024, 10:51 a.m.

Modified: Oct. 21, 2024, 10:54 a.m.

Indicators

a2b284d185326ef5a6031fd2278302a715181989230b54f9e4e4d79545a0dde7

5dd0d74ce7e044c93ae79a7d5a66e1a1cd2a8c838c89e19f67279ab91dc19bd9

051829813ea3c66e37f184bbfaa2fa3d8752abbfa4828fa5847f1986ae461e3c

Attack Patterns

AZStealer

Duck Stealer

Umbral Stealer

DedSec Stealer

Divulge Stealer

Doenerium

T1574.002

T1018

T1547.001

T1012

T1005

T1573

T1082

T1057

T1071

T1047

T1055

T1036

T1003

T1059