MetaStealer

MetaStealer sample oc.exe, a GCC 6.3.0 Cygwin build. Sandboxie detection, CheckRemoteDebuggerPresent. C2 with AES/block encryption.

Threat Profile
Type: Infostealer
Programming Language: C++ (GCC)
C2 Protocol: HTTP
First Seen: 2022
Targets: Global
Purpose / Capabilities
  • Credential+Browser Theft
No C2 servers have been identified for this family yet.

Research Reports (2)

Medium

MetaStealer -- oc.exe GCC 6.3.0 Cygwin Build, Sandboxie Detection, Encryption Debug Output | Medium

MetaStealer 1.5MB oc.exe. GCC 6.3.0 Cygwin libgcc source path. Sandboxie CheckRemoteDebuggerPresent detection. Header parsed headerSize blockSize encrypted debug.

High

MetaStealer -- Sandboxie Detection, Encrypted Config headerSize/blockSize/keySize Parser | High

MetaStealer 1.5MB oc.exe. SOFTWARE\Sandboxie registry detection. headerSize blockSize keySize encryptedSize config parser.
