The malware targets sensitive data across more than 100 applications, including popular browsers (Chrome, Firefox, Edge), 2FA plugins, and over 50 cryptocurrency extensions.
Functional Capabilities
Once executed, Mars Stealer performs a series of rapid data collection tasks:
It extracts stored passwords, autofill data, credit card details, and cookies from browser profiles.
It specifically hunts for private keys, wallet addresses, and seed phrases from non-custodial browser wallets like MetaMask and Binance Chain Wallet.
To maintain a low footprint, it often uninstalls itself immediately after the stolen data has been successfully exfiltrated to the attacker's Command-and-Control (C2) server.
Distribution and Evasion
It features more robust anti-debugging and anti-sandbox techniques, such as custom encryption algorithms and configuration formats designed to frustrate static and dynamic analysis.
eSentire Threat Intelligence Malware Analysis: Mars Stealer