TROX Stealer Harvests Sensitive Data Including Stored Credit Cards and Browser Credentials
Tags
| attack-pattern: | Data Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 |
Common Information
| Type | Value |
|---|---|
| UUID | ad548450-ea37-4de9-80a4-e5ba38e0ee9d |
| Fingerprint | 69382958a5dfc693 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 11, 2025, 9:30 a.m. |
| Added to db | April 11, 2025, 11:52 a.m. |
| Last updated | April 17, 2025, 4:25 p.m. |
| Headline | TROX Stealer Harvests Sensitive Data Including Stored Credit Cards and Browser Credentials |
| Title | TROX Stealer Harvests Sensitive Data Including Stored Credit Cards and Browser Credentials |
| Detected Hints/Tags/Attributes | 40/1/26 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 125 | ✔ | GBHackers Security | #1 Globally Trusted Cyber Security News Platform | https://gbhackers.com/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | debt-collection-experts.com |
|
| Details | Domain | 2 | documents.debt-collection-experts.com |
|
| Details | Domain | 2 | debt-collection-experts.online |
|
| Details | Domain | 2 | download.debt-collection-experts.online |
|
| Details | Domain | 2 | downloads.debt-collection-experts.online |
|
| Details | Domain | 2 | docs.debt-collection-experts.online |
|
| Details | Domain | 1 | esystematics.de |
|
| Details | Domain | 1 | contactcorporate.de |
|
| Details | Domain | 1 | evirtual-provider.de |
|
| Details | 1 | vpn@esystematics.de |
||
| Details | 1 | vpn@contactcorporate.de |
||
| Details | 1 | vpn@evirtual-provider.de |
||
| Details | File | 2 | client_pdf_case_388.pdf |
|
| Details | File | 2 | node700.exe |
|
| Details | File | 1278 | node.js |
|
| Details | md5 | 2 | c568b578da49cfcdb37d1e15a358b34a |
|
| Details | md5 | 2 | f5f75c9d71a891cd48b1ae9c7cc9f80d |
|
| Details | md5 | 2 | fedb7287bcccc256a8dad8aeace799f7 |
|
| Details | sha1 | 2 | ae5166a8e17771d438d2d5e6496bee948fce80a4 |
|
| Details | sha1 | 2 | 29a13e190b6dd63e227a7e1561de8edbdeba034b |
|
| Details | sha1 | 2 | 6deea67690f90455280bc7dfed3c69d262bf24f6 |
|
| Details | sha256 | 2 | c404baad60fa3e6bb54a38ab2d736238ccaa06af877da6794e0e4387f8f5f0c6 |
|
| Details | sha256 | 2 | 12069e203234812b15803648160cc6ad1a56ec0e9cebaf12bad249f05dc782ef |
|
| Details | sha256 | 2 | 5d7ed7b8300c94e44488fb21302a348c7893bdaeef80d36b78b0e7f0f20135df |
|
| Details | IPv4 | 3 | 89.185.82.34 |
|
| Details | IPv4 | 3 | 172.22.117.177 |