Skip to content

Hide Navigation Hide TOC

Troll Stealer (9d4c38dc-6549-5bde-9ce4-a54ae8ca596e)

Troll Stealer is an information stealer written in Go associated with Kimsuky operations. Troll Stealer has typically been delivered through a dropper disguised as a legitimate security program installation file. Troll Stealer features code similar to AppleSeed, also uniquely associated with Kimsuky operations.[S2W Troll Stealer 2024][Symantec Troll Stealer 2024]

Cluster A Galaxy A Cluster B Galaxy B Level
Troll Stealer (9d4c38dc-6549-5bde-9ce4-a54ae8ca596e) Tidal Software Kimsuky (37f317d8-02f0-43d4-8a7d-7a65ce8aadf1) Tidal Groups 1