
StilachiRAT analysis: From system reconnaissance to cryptocurrency theft

Published 17/03/2025 22:21 · Modified 18/03/2025 09:58


Essential information

Published
17/03/2025 22:21
Modified
18/03/2025 09:58
Tags
2025-03-17, anti-forensics, command and control, credential-theft, cryptocurrency theft, persistence, rdp monitoring, remote access trojan, stilachirat, system reconnaissance
Related entities
1 vulnerability (CVE), 2 observables, 1 malware

Description

Microsoft Incident Response researchers discovered a novel remote access trojan (RAT) named StilachiRAT that demonstrates sophisticated evasion, persistence, and data exfiltration techniques. The malware collects extensive system information, targets cryptocurrency wallet browser extensions, steals browser credentials, establishes command-and-control communication, executes remote commands, achieves persistence through Windows services, monitors RDP sessions, collects clipboard data, and employs anti-forensic measures. StilachiRAT's capabilities therefore span system reconnaissance, digital wallet targeting, credential theft, remote command execution, and clipboard monitoring. The analysis shows how these stages chain together, from reconnaissance of the host through to cryptocurrency theft and system manipulation.
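One of the behaviours listed above that defenders can hunt for without any sample-specific indicator is persistence through a newly installed Windows service, which the System event log records as Event ID 7045 ("A service was installed in the system"). The triage logic below is an added example written for this page; it is not code from Microsoft's report and uses no StilachiRAT indicators. It assumes the 7045 records have already been parsed into dicts carrying the event's standard fields (ServiceName, ImagePath, ServiceType, StartType, AccountName); the trusted-directory list, the scoring weights and the three sample records are constructed for the example.

```python
"""Triage Windows System-log Event ID 7045 records for service-based persistence.

Added example for this page, not code from the Microsoft StilachiRAT report.
Assumptions: records are dicts with the 7045 fields; TRUSTED_DIRS, USER_WRITABLE,
the score weights and SAMPLE_7045 are constructed for illustration.
"""
import re
from dataclasses import dataclass

# Directories where a legitimately installed service binary is expected to live.
TRUSTED_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\",
                "c:\\program files\\", "c:\\program files (x86)\\")
# Locations an unprivileged user (or a dropper) can write to.
USER_WRITABLE = ("\\appdata\\", "\\programdata\\", "\\users\\public\\",
                 "\\windows\\temp\\", "\\temp\\")
# Host binaries that a service rarely needs but droppers use to run scripts.
SCRIPT_HOSTS = {"cmd.exe", "powershell.exe", "pwsh.exe", "wscript.exe",
                "cscript.exe", "mshta.exe", "rundll32.exe", "regsvr32.exe"}
ENV = {"%systemroot%": "c:\\windows", "%windir%": "c:\\windows",
       "%programdata%": "c:\\programdata"}


def split_image_path(image_path: str):
    """Return (executable, arguments) from a service ImagePath.

    Handles quoted paths, unquoted paths with arguments, and %SystemRoot%-style
    variables; the executable is returned lower-cased with variables expanded.
    """
    s = image_path.strip()
    if s.startswith('"'):
        end = s.find('"', 1)
        exe, args = (s[1:end], s[end + 1:]) if end > 0 else (s[1:], "")
    else:
        m = re.search(r"\.(exe|sys|dll|bat|cmd)\b", s, re.I)
        exe, args = (s[:m.end()], s[m.end():]) if m else (s, "")
    exe = exe.lower()
    for var, val in ENV.items():
        exe = exe.replace(var, val)
    return exe, args.strip()


@dataclass
class Finding:
    service: str
    score: int
    reasons: list


def triage_7045(record: dict) -> Finding:
    """Score one 7045 record; higher means more likely a persistence install."""
    exe, args = split_image_path(record.get("ImagePath", ""))
    score, reasons = 0, []
    if not exe.startswith(TRUSTED_DIRS):
        score += 2
        reasons.append(f"image outside trusted directories: {exe}")
    if any(d in exe for d in USER_WRITABLE):
        score += 2
        reasons.append("image lives in a user-writable location")
    basename = exe.rsplit("\\", 1)[-1]
    if basename in SCRIPT_HOSTS and args:
        score += 2
        reasons.append(f"service runs through {basename} with arguments")
    if any(d in args.lower() for d in USER_WRITABLE):
        score += 1
        reasons.append("arguments reference a user-writable location")
    if record.get("StartType", "").lower().startswith("auto"):
        score += 1
        reasons.append("auto start")
    return Finding(record.get("ServiceName", "?"), score, reasons)


def triage_all(records, threshold=3):
    """Return the findings at or above the threshold, in input order."""
    return [f for f in map(triage_7045, records) if f.score >= threshold]


# Constructed sample records (not real telemetry): one benign svchost install,
# one binary dropped under AppData, one service that launches a script via cmd.
SAMPLE_7045 = [
    {"ServiceName": "gpsvc-helper",
     "ImagePath": "%SystemRoot%\\System32\\svchost.exe -k netsvcs -p",
     "ServiceType": "user mode service", "StartType": "auto start",
     "AccountName": "LocalSystem"},
    {"ServiceName": "WindowsUpdateCheck",
     "ImagePath": "\"C:\\Users\\alice\\AppData\\Roaming\\Update\\svchost.exe\" -s",
     "ServiceType": "user mode service", "StartType": "auto start",
     "AccountName": "LocalSystem"},
    {"ServiceName": "MaintenanceAgent",
     "ImagePath": "C:\\Windows\\System32\\cmd.exe /c powershell -w hidden -ep bypass -f C:\\ProgramData\\m.ps1",
     "ServiceType": "user mode service", "StartType": "demand start",
     "AccountName": "LocalSystem"},
]

if __name__ == "__main__":
    for f in triage_all(SAMPLE_7045):
        print(f.service, f.score, "; ".join(f.reasons))
```

The second and third sample records are flagged (scores 5 and 3); the first, a svchost host process under System32, scores only 1 for being auto-start. In production the same function can be fed from `Get-WinEvent -FilterHashtable @{LogName='System'; Id=7045}` output exported as JSON; tune the weights and the trusted-path list to the environment rather than treating them as fixed.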

External references