JAVA-Based Sophisticated Stealer Using Discord Bot as EventListener [Wednesday, January 24, 2024]

Description:
In mid-November 2023, Trellix Advanced Research Center team members observed a Java-based stealer being spread through cracked software zip files, using JDABuilder classes to create an instance of the EventListener to easily register. The stealer uses a Discord bot channel as an EventListener.

Published: 2024-01-24 18:21:10
Created: 2024-01-24 18:21:10
Modified: 2024-01-24 18:34:00

Indicators

Hashes :
About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports
