The builder for the Mini Stealer payload gets distributed for free

September 12, 2022

A threat actor on a hacker forum is giving away the builder and panel for the Mini Stealer payload free of charge. Based on reports, the stealer can target various operating systems such as Windows 7, Windows 10, and Windows 11.

The internet-exposed ZIP files include two folders. The files in these folders are the builder (MiniStealerBuilder[.]exe), the web panel source code, and a stub.

These builders could also aid less experienced and newcomer hackers in developing malicious payloads. Experts claimed that the leakage of the Mini Stealer payload builder could allow other hackers to attack Chromium-based browsers and FTP applications.

Furthermore, the threat actor who leaked the builder released the source code of the web panel, which can be used to harvest stolen data from a targeted network.

The Mini Stealer payload builder has various other features that inexperienced hackers could use.

Cybersecurity experts explained that the Mini Stealer builder's application is a 64-bit [.]NET binary that utilises timestamping. In addition, it uses several anti-analysis checks to prevent debugging of the sample.

To identify profiling, the code verifies whether the COR_ENABLE_PROFILING environment variable exists and is set to one. The stealer also runs a thread that constantly checks whether security solutions are debugging the malware.

This thread calls multiple methods, such as Debugger[.]IsLogging, IsDebuggerPresent, and OutputDebugString, to check if a debugger is present on the targeted system.
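For defenders, the strings named above can serve as static triage markers. The following Python script is an added example, not code from the stealer or from the researchers' report. It assumes the strings are stored unobfuscated, and its threshold of three markers and its sample byte strings are constructed for illustration.

```python
import sys

# Marker strings named in the article -> what each one indicates.
MARKERS = {
    "COR_ENABLE_PROFILING": "profiler check via environment variable",
    "IsLogging": "Debugger.IsLogging managed-debugger check",
    "IsDebuggerPresent": "native debugger check",
    "OutputDebugString": "debug-string probe",
}
# .NET stores method and import names as UTF-8 (#Strings heap) and
# string literals as UTF-16LE (#US heap), so search for both encodings.
ENCODINGS = ("utf-8", "utf-16-le")


def find_markers(blob: bytes) -> dict:
    """Map each marker present in blob to the encodings it was found in."""
    hits = {}
    for name in MARKERS:
        found = [enc for enc in ENCODINGS if name.encode(enc) in blob]
        if found:
            hits[name] = found
    return hits


def triage(blob: bytes, threshold: int = 3) -> dict:
    """Flag a file only when several markers co-occur.

    A single marker is weak evidence: benign software also references
    IsDebuggerPresent. The threshold is an assumed starting value.
    """
    hits = find_markers(blob)
    return {"hits": hits, "score": len(hits), "flag": len(hits) >= threshold}


# Constructed sample bytes for illustration (not taken from any real file).
SAMPLE_SUSPECT = (b"MZ\x00\x00IsLogging\x00IsDebuggerPresent\x00"
                  b"OutputDebugStringA\x00"
                  + "COR_ENABLE_PROFILING".encode("utf-16-le"))
SAMPLE_BENIGN = b"MZ\x00\x00IsDebuggerPresent\x00GetTickCount\x00"

if __name__ == "__main__":
    targets = {p: open(p, "rb").read() for p in sys.argv[1:]}
    targets = targets or {"suspect (constructed)": SAMPLE_SUSPECT,
                          "benign (constructed)": SAMPLE_BENIGN}
    for label, blob in targets.items():
        result = triage(blob)
        print(f"{label}: score={result['score']} flag={result['flag']}")
        for name, encs in result["hits"].items():
            print(f"  {name} [{', '.join(encs)}]: {MARKERS[name]}")
```

A flagged file is a candidate for closer analysis, not a verdict; packed or obfuscated samples will not expose these strings to a byte search.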

Subsequently, it steals data from configuration files for the FTP application. The builder then duplicates specific files in the AppDataBrowser directory to check browsers’ debugging tools.

A separate researcher stated that the same threat actor made a statement shortly after the release of Mini Stealer. The actor was seen offering the Parrot Stealer builder and panel for a measly $50.

This threat actor claimed that the Parrot Stealer is a modified and improved version of the Mini Stealer payload.

The abundance of free malware builders and panels helps newcomers and inexperienced hackers complete a cybercriminal attack effortlessly against targets. Researchers should not underestimate the threat since it could target numerous operating systems. Lastly, free builders could encourage more criminals to execute their malicious attacks.
