SvcStealer 2025 is a newly discovered information stealer malware distributed through spear phishing emails. It targets sensitive data including machine information, installed software, user credentials, cryptocurrency wallets, and browser data. The malware creates a unique folder, terminates specific processes, and harvests data from various sources. It compresses the collected information and sends it to a command and control server. The malware can also download additional payloads and implements evasion techniques. It targets multiple browsers, messaging applications, and specific file types. The campaign was observed in late January 2025, with the threat actors potentially selling the stolen data on underground forums and marketplaces.
Author: AlienVault
Related Tags:
c2 communication
evasion techniques
T1566.001
information stealer
T1070.004
data exfiltration
T1056.001
T1518
T1552.001
Associated Indicators:


