Gomorrah Stealer: An In-Depth Analysis of a .NET-Based Malware
Essential information
- Published: 16/09/2024 09:52
- Modified: 16/09/2024 09:57
- Tags: 2024-09-16, evasion, exfiltration, gomorrah stealer, malware-as-a-service, persistence, stealer
- Related entities: 6 observables, 1 intrusion set (apt), 1 malware
Description
This comprehensive report analyzes Gomorrah Stealer, a sophisticated malware designed to exfiltrate sensitive information from compromised systems. It operates within a malware-as-a-service framework and targets data from web browsers, cryptocurrency wallets, VPNs, and configuration files. The stealer employs advanced evasion techniques, establishes persistence, and uploads stolen data to a remote server. The analysis explores the malware's functionality, data collection processes, anti-analysis measures, and overall impact, providing valuable insights into this evolving threat.