oalabs

Live Stream VOD: Bandit Stealer (GoLang) (Patreon)

Published:

2023-09-01 14:30:02

Imported:

2023-09

⚑ Flagged

Content

In this Twitch stream we take a look at Bandit, a new infostealer written in GO that primarily targets browser credentials and crypto wallets. The collected information is uploaded to Telegram with the operator's telegram ID and channel ID hard coded in the binary but there is a separate C2 hosted panel which we have some fun exploring...

One of the main themes that emerges from this stream is how to deal with GoLang obfuscators, specifically Garble. This sets the stage for our next stream where we tackle Garble head on and build some tools!

Samples

050DBD816C222D3C012BA9F2B1308DB8E160E7D891F231272F1EACF19D0A0A06
51f357928b0829743b01733840ad190d6cbb0ac593df23bf8029b6d86ffc9251
623a5f4c57cf5b3feb6775508cd6492f89d55ce11f62e0b6fb1020fd730b2e8f (obfuscated)

Notes

Bandit Stealer Garbled - Garble GO obfuscation analysis

Files

Live Stream VOD: Bandit Stealer (GoLang)

This is "Live Stream VOD: Bandit Stealer (GoLang)" by OALABS on Vimeo, the home for high quality videos and the people who love them.