The malware targets sensitive data across more than 100 applications, including popular browsers (Chrome, Firefox, Edge), 2FA plugins, and over 50 cryptocurrency extensions.
Functional Capabilities
It collects machine IDs, IP addresses, localized time zones, and lists of installed software to provide the attacker with a complete victim profile.
It specifically hunts for private keys, wallet addresses, and seed phrases from non-custodial browser wallets like MetaMask and Binance Chain Wallet.
In this version, external DLLs are bundled together in a single zip file rather than being downloaded individually, which can streamline the infection process.
Once executed, Mars Stealer performs a series of rapid data collection tasks:
It features more robust anti-debugging and anti-sandbox techniques, such as custom encryption algorithms and configuration formats designed to frustrate static and dynamic analysis.