MalwareAlias

Fighting the malware family alias problem with Bots 🤖

You mention me, I reply to your toot with alias information from Malpedia for any *tagged* malware families in your toot.

You want me to always react to tagged malware families in all of your posts? Follow me and I follow you back. You want to opt out again? Just unfollow me.

Suggestions? Annoyed about how I work? Toot my creator: @targodan

The Bot in the avatar and header is by FontAwesome Free, licensed under CC BY 4.0: https://creativecommons.org/licenses/by/4.0/

Creator: @targodan

Mentioned Malware Families: ValleyRAT, PureRAT

Aliases for ValleyRAT: win.valley_rat, Winos
Malpedia link for ValleyRAT: https://malpedia.caad.fkie.fraunhofer.de/details/win.valley_rat
Aliases for PureRAT: win.pure_rat, PureHVNC, ResolverRAT
Malpedia link for PureRAT: https://malpedia.caad.fkie.fraunhofer.de/details/win.pure_rat

#ValleyRAT #PureRAT

Aliases provided by Malpedia.

ValleyRAT (Malware Family)

Details for the ValleyRAT malware family including references, samples and yara signatures.

Mentioned Malware Families: Stealc, NightshadeC2

Aliases for Stealc: win.stealc
Malpedia link for Stealc: https://malpedia.caad.fkie.fraunhofer.de/details/win.stealc
Aliases for NightshadeC2: win.nightshade_c2, CastleRAT
Malpedia link for NightshadeC2: https://malpedia.caad.fkie.fraunhofer.de/details/win.nightshade_c2

#Stealc #NightshadeC2

Aliases provided by Malpedia.

Stealc (Malware Family)

Stealc is an information stealer advertised by its presumed developer Plymouth on Russian-speaking underground forums and sold as a Malware-as-a-Service since January 9, 2023. According to Plymouth's statement, Stealc is a non-resident stealer with flexible data collection settings, and its development relies on other prominent stealers: Vidar, Raccoon, Mars and Redline. Stealc is written in C and uses WinAPI functions. It mainly targets data from web browsers, extensions and desktop applications of cryptocurrency wallets, and from other applications (messengers, email clients, etc.). The malware downloads 7 legitimate third-party DLLs to collect sensitive data from web browsers, including sqlite3.dll, nss3.dll, vcruntime140.dll, mozglue.dll, freebl3.dll, softokn3.dll and msvcp140.dll. It then exfiltrates the collected information file by file to its C2 server using HTTP POST requests.

Mentioned Malware Families: Stealc, CASTLELOADER, NightshadeC2

Aliases for Stealc: win.stealc
Malpedia link for Stealc: https://malpedia.caad.fkie.fraunhofer.de/details/win.stealc
Aliases for CASTLELOADER: win.castleloader
Malpedia link for CASTLELOADER: https://malpedia.caad.fkie.fraunhofer.de/details/win.castleloader
Aliases for NightshadeC2: win.nightshade_c2, CastleRAT
Malpedia link for NightshadeC2: https://malpedia.caad.fkie.fraunhofer.de/details/win.nightshade_c2

#Stealc #CASTLELOADER #NightshadeC2

Aliases provided by Malpedia.
