Clicky

Pages

Thursday, October 10, 2024

2024-10-03 Amnesia Stealer Samples

2024-10-03 Threatmon: Amnesia Stealer 


Amnesia Stealer, a customizable open-source malware, was identified by ThreatMon on September 17, 2024.
Functions as Malware-as-a-Service (MaaS), making it easily accessible for cybercriminals.
Uses Discord and Telegram for Command & Control (C2) operations.
Capable of stealing sensitive data like browser passwords, Discord tokens, cryptocurrency wallets, and Wi-Fi credentials.
Features keylogging, clipboard hijacking, and can bypass Windows Defender.
Can inject additional malware like trojans, cryptocurrency miners, and droppers.
Available in three versions: Free, VIP, and an Android variant (in development).
Android version can steal call logs, SMS, and WhatsApp session files.  -- Key findings by Threatmon.


--------

Download
File Information
  • ├── 5b7e0be073dd22bd568bb9833f914c3e130863bd06d70b7623392a37d0ba4978 s.exe 
  • ├── 66985fe45320243565f3940f464bdab74179ac48afb9b6511e628ea826e60c33 Build.exe 
  • ├── bbe5544c408a6eb95dd9980c61a63c4ebc8ccbeecade4de4fae8332361e27278 updater.exe 
  • ├── c59a6d4e3082d0768b614b9d7e1b7a9915ee4615cea1d1bd8b45cb249a5f886c crss.exe 
  • ├── d07c47f759245d34a5b94786637c3d2424c7e3f3dea3d738d95bf4721dbf3b16 svchost.exe 
  • ├── dff14514b26b6278a7ffd56775c3193425e8c4ff7b544e3c3a8e2956ff9b74b8 Help.Exe 
  • ├── e0338c845a876d585eceb084311e84f3becd6fa6f0851567ba2c5f00eeaf4ecf conhost.exe 
  • └── e50c227b0f6283a82b7fef58d4ff3de1c25fa31922375e9d1518bf61bbc5d04a Build.exe 
Malware Repo Links
    Over the past 15 years, as the blog has been around, many hosting providers have dropped support due to stricter no-malware policies. This has led to broken links, especially in older posts. If you find a broken link on contagiodump.blogspot.com (or contagiominidump.blogspot.com), just note the file name from the URL and search for it in the Contagio Malware Storage.

No comments:

Post a Comment