{
  "name": "Samstealer Attacking Windows Systems To Steal Sensitive Data",
  "slug": "samstealer-attacking-windows-systems-to-steal-sensitive-data",
  "description": "A new .NET malware named \u201cSamsStealer\u201d spreads through Telegram with the aim of stealing sensitive files on Windows. \nIt creates a temp folder and then proceeds to steal passwords, cookies, and other information from different browsers such as Chrome, Edge, and cryptocurrency wallets.",
  "published": "2024-05-21T10:48:12+00:00",
  "created_at": "2024-05-21T10:48:12+00:00",
  "modified_at": "2024-05-21T11:36:37+00:00",
  "created_at_opencti": "2024-05-21T10:48:12+00:00",
  "author": "",
  "confidence": null,
  "report_types": [],
  "labels": [],
  "tags": [
    "2024-05-21"
  ],
  "related_entities": {
    "observables": [
      {
        "id": "",
        "name": "f626445f388f589d38ef7d44e468932943147549b3a4e89b70d041add4317bc7"
      },
      {
        "id": "",
        "name": "e760c16887706d2077389da7107d1437600d300a5377f7a2448100c8bce34bc2"
      },
      {
        "id": "",
        "name": "766b8294e401d9c457d53e45e15e26591b3c5c86315d81d9d17e5696cc0f13e1"
      },
      {
        "id": "",
        "name": "72b533148a6f845c0933b3a135bbc6c3324a1bb7c3203aadf7eb0b3867a0dbd1"
      },
      {
        "id": "",
        "name": "55386780aa8361786a28cff0dfa9115d2426dd4a5e007da6b49cebab26442621"
      },
      {
        "id": "",
        "name": "3e4dd71076b5fb02227cd68c701212664af94413c9504344fa157ca81d7033ac"
      },
      {
        "id": "",
        "name": "298fedcc4e300c3d441bd1c07fb5023f85015b33896451b0ad49f9e10296d10f"
      },
      {
        "id": "",
        "name": "39619d09e0f9fcf2ffa316f4d754767645fa12fc16072bc9efb9431304fa9a4a"
      },
      {
        "id": "",
        "name": "0b0459112a66ed3654fcacbf9de8fea04a8f563ea6c82f6d705aaa9a68f8b06d"
      }
    ],
    "malware": [
      {
        "id": "legacy:malware:59dd4acf0d452437",
        "name": "SamsStealer",
        "slug": "samsstealer"
      }
    ],
    "attack_patterns": [
      {
        "id": "232fbdfa-94c6-443d-b575-373e75b4f4c2",
        "name": "T1567"
      },
      {
        "id": "196f2a64-c55b-47a6-8e38-beb76ba700b6",
        "name": "T1204.002"
      },
      {
        "id": "97d377d8-89c7-48f8-a79f-0f48bd60df74",
        "name": "T1005"
      },
      {
        "id": "70616b2f-4019-4963-b758-5d9f6f20e201",
        "name": "T1082"
      },
      {
        "id": "dc410646-9cdd-427b-92e7-179a54f78f90",
        "name": "T1566.001"
      },
      {
        "id": "50514c04-b3a2-4abf-a855-e3a434200c87",
        "name": "T1204"
      },
      {
        "id": "fa3b8b48-d97c-4242-83a6-07d435a5a79e",
        "name": "T1041"
      },
      {
        "id": "d9b45b3b-d093-4016-89e9-48f31ff4d05d",
        "name": "T1566"
      }
    ]
  },
  "external_refs": [
    "https://www.cyfirma.com/research/samsstealer-unveiling-the-information-stealer-targeting-windows-systems/",
    "https://otx.alienvault.com/pulse/664c980d813f049988bf5d3b"
  ]
}