Tag

Apt37

1 brief RSS

Braodo Stealer Screen Capture in TEMP Directory

This analytic detects the creation of screen capture files in the TEMP directory, specifically targeting activity associated with the Braodo stealer malware, which captures screenshots of the victim's desktop as part of its data theft activities.

Splunk Enterprise +2 Braodo Stealer stealc-stealer crypto-stealer braodo-stealer apt37 hellcat-ransomware vip-keylogger screen-capture malware

2r 1t Jan 3, 2024