Infostealer
Description
(FireEye) Infostealer/stereoversioncontrol.exe downloads a RAR file as well as the get-logon-history.ps1 tool. It runs several commands on the infected machine to gather information about the machine and the Firefox data of all of its users. It then compresses this information before transferring it to a remote directory. Infostealer/Sha.exe/Sha432.exe operates in a similar manner, gathering information about the infected machine.
Names
Name |
---|
Infostealer |
stereoversioncontrol |
Category
Malware
Type
- Reconnaissance
- Info stealer
Information
Other Information
Uuid
37806589-2fd5-4d04-aed6-f1d7bb633263
Last Card Change
2020-04-20