EvilExtractor
EvilExtractor Network Forensics
Erik Hjelmvik | | 1-Password-Cookies, 193.42.33.232, 2-Credentials, 3-Files, 89.116.53.55, ANY.RUN, EvilExtractor, FTP, KK2023.zip, NetworkMiner, sandbox, tria.ge, Triage
I analyzed a PCAP file from a sandbox execution of the Evil Extractor stealer malware earlier today. This stealer collects credentials and files of interest from the victim's computer and exfiltrates them ...