
Analysis of Astral Stealer

NetmanageIT OpenCTI - opencti.netmanageit.com




SUMMARY:

Astral Stealer v1.8 is a powerful malware tool coded in Python, C#, and JavaScript, designed for data theft and crypto wallet exploitation. It targets gaming accounts, browser credentials, and cryptocurrency wallets while employing anti-debugging and VM bypass techniques. The stealer offers advanced features like viewing backup codes, auto-changing email, and an anti-delete system. It uses a customizable builder with a user-friendly interface. Key capabilities include fake error generation, background operation, startup persistence, anti-VM measures, browser extension injection, Discord injection, process termination, and cryptocurrency wallet data extraction. It can bypass security tools, capture system information, disable Windows Defender, and exfiltrate data via webhooks. The malware's public availability on GitHub and its continuous development by multiple contributors pose significant threats to individuals and organizations.

OPENCTI LABELS:

stealer, data exfiltration, cryptocurrency, information theft, browser injection, discord injection, astral stealer


Open in the NetmanageIT OpenCTI public instance with the link below.

NOTE: Use the public read-only username and password shown in the login page banner.

