Ailurophile: New Infostealer sighted in the wild
Common Information
Type Value
UUID 355d0a09-ba57-45e6-b8d2-e18fd011720e
Fingerprint 8d0e5a4a67370753
Analysis status DONE
Considered CTI value 0
Text language
Published Aug. 16, 2024, 11:54 a.m.
Added to db Aug. 31, 2024, 3:17 a.m.
Last updated Nov. 17, 2024, 9:42 p.m.
Headline Ailurophile: New Infostealer sighted in the wild
Title Ailurophile: New Infostealer sighted in the wild
Detected Hints/Tags/Attributes 34/2/25
RSS Feed
Id Enabled Feed title Url Added to db
112 G Data SecurityBlog (english) https://feeds.feedblitz.com/gdatasecurityblog-en 2024-08-30 22:08
Attributes
Type #Events CTI Value
File 1 %localappdata%\ailurophile\cards.txt
File 1 cryptowallet.php
sha256 1 4d38d7c7161ccb08998f90079a565f32a296f1bf404001b9e6bbc4d4558d53fd
sha256 1 e04dbe0de745fc8026710034af6a00fc8dc38569440ce8ebebe74cd4dc0a6dc5
File 1205 index.php
File 1 c:\\users\\muser\\desktop\\data\\php.exe
File 1 c:\users\muser\desktop\data\php-cli.ini
File 1 c:\\users\\muser\\desktop\\data\\index.php
File 153 config.json
File 271 chrome.exe
File 10 filezilla.exe
File 128 msedge.exe
File 3 watcher.exe
File 73 opera.exe
File 15 brave.exe
File 99 steam.exe
File 4 riotclientservices.exe
File 35 discord.exe
File 82 taskkill.exe
File 1 %localappdata%\ailurophile\autofills.txt
File 3 webdata.db
File 1 password.db
File 11 history.db
File 1 %localappdata%\ailurophile\stolen_files.zip
File 1 web.db