Extracted

• • Target

    VanishRaider-main/vanish.exe

  • Size

    137KB

  • MD5

    ac59764dee7fcebe61b0a9d70f87c1e1

  • SHA1

    4faba8946b946a6eeb121561417ae13e4ec8c606

  • SHA256

    c6487e1da77c82d40628312680ad43343cff5b92462ffeeffed30f46b23625ab

  • SHA512

    b71f1dbc069ee6612b0d6a136d77080f919958e7a6bcdf65260e04ac5efc484042aca0716dda8199970bf7f2d0f4864a4888e3b0dcfd1ef858c615f839c3ac65

  • SSDEEP

    3072:hOH2azx18xzWYlZ/naX58QBJmD5XXt8yVmiKoQk2s:Q109va9BMMyQ

  Score

  10^/10

  phemedronecredential_accessspywarestealerdiscovery

  • Phemedrone

    An information and wallet stealer written in C#.

    stealerphemedrone

  • Phemedrone family

    phemedrone

  • Uses browser remote debugging

    Can be used control the browser and steal sensitive information such as credentials and session cookies.

    credential_accessstealer

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer
  behavioral1behavioral2