Brand Tinexta Defence

News

DivulgeStealer - Malware Analysis Report

Our Malware Lab conducted an in-depth analysis on DivulgeStealera family of malware belonging to the 'stealer' category, actively promoted in dark web forums. The first version of the builder is freely available on GitHub, however, various searches have revealed the limited availability of technical reports on the analysis of this family. Therefore, we aim to contribute with up-to-date reporting, providing the latest technical evidence on DivulgeStealer. 

The infection analysed by the team originates from a Microsoft Word document containing a malicious VBA macro. When the file is opened, the macro starts the second stage of the infection, downloading a ZIP archive containing a Batch script from a remote server. The latter is extracted and executed automatically. 

The script is designed to generate an executable from internally encoded content, thus completing the third and final stage of the infection chain. 

The decoded executable was, in fact, identified as DivulgeStealera malware developed in .NET, capable of exfiltrating Discord accounts, browser credentials and cryptocurrency walletsby sending the information to a Discord server controlled by the attacker, used as a command and control channel (C2).

If you wish to learn more, here is the link to our full report.

In addition, you can subscribe to the specific mailing list Cyber Studios by Tinexta Defence, to receive updates on upcoming research: https://tinextadefence.it/mailing-list-cyber-studios/

Share:

Categories

Recent articles

Back to News

Related articles

Contact us

Privacy Policy
Accessibility Statement
Tinexta Defence logo

Next | Donexit | Foramil | Innodesi

Tinexta Defence S.p.A. Società Benefit - Sole Shareholder Company - VAT n. 11065701002 - REA n. 1276114 - Rome Companies Register n. 11065701002 - Share Capital € 2,554,285.70 fully paid | Copyright © Tinexta Defence - All Rights Reserved.

Tinexta Defence S.p.A. Società Benefit - Share Capital € 25,000.00 i.v. - VAT No. 17105861003 - REA Rome No. 1696120. Copyright © Tinexta Defence - All Rights Reserved.

Degree in Business Administration from the University of Naples 'Federico II' with an MBA in Business Management achieved with high merit in 2008 by winning a scholarship provided by Invitalia S.p.A. from which she was selected in the first months of attendance as the best MBA profile.

After a brief experience in Invitalia S.p.A., he immediately held increasingly important roles in the management of Administration, Finance and Control of companies operating in the defence sector, theInformation Technology, of Cyber and National Security. In addition, she was Treasury Manager in companies operating in theEnergy.

He obtained an Executive Master in Finance (EMF) at SDA Bocconi in 2020, with a specialisation in Corporate Finance & Control and, in 2022, a further specialisation track in Asset, Wealth Management also at SDA Bocconi.

For over five years it has been the Chief Financial Officer of the Defence Tech Group, whose listing process he followed on the Euronext Growth Milan segment of Borsa Italiana.

From 2017 to 2024, she was a member of the boards of directors of all the legal entity of the Defence Tech Group with delegated powers over their financial management and from October 2021 to October 2024 was a Board Member of the Holding Company.

It is currently also Investor Relations Manager of the listed Defence Tech and follows all ESG issues of the Group.

In July 2021, she was recognised by Federmanager as one of the best talents under 44 at national level, receiving an important award as Young Manager 2020.