Yogesh Londhe :verified: · @YogeshLondhe
54 followers · 80 posts · Server infosec.exchange
Gurcu Stealer
build.bat (bd19c59dd5861a3283fc6b534c51e3c7)
-> decode and run embedded base64 binary via certutil
build.exe (716D01D18140EC5E18B1A15C17FB213F)
Exfiltrate data via telegram
#GurcuStealer #Stealer #IOC
Last updated 2 years ago