Nocturnal Stealer (e7080bce-99b5-4615-a798-a192ed89bd5a)
It is designed to steal data found within multiple Chromium and Firefox based browsers, it can also steal many popular cryptocurrency wallets as well as any saved FTP passwords within FileZilla. Nocturnal Stealer uses several anti-VM and anti-analysis techniques, which include but are not limited to: environment fingerprinting, checking for debuggers and analyzers, searching for known virtual machine registry keys, and checking for emulation software.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Nocturnal Stealer (94793dbc-3649-40a4-9ccc-1b32846ecb3a) | Malpedia | Nocturnal Stealer (e7080bce-99b5-4615-a798-a192ed89bd5a) | Stealer | 1 |