moe-moe.rar

Most commonly associated with Lumma Stealer, a Malware-as-a-Service (MaaS) that targets sensitive data.

Upon execution, it attempts to bypass Windows Defender, establishes persistence, and communicates with a Command & Control (C2) server to exfiltrate data.

Data Targeted

If executed, the malware seeks to steal:

- Saved passwords, cookies, autofill data, and credit card details from Chrome, Edge, and Firefox.
- Credentials for Discord, Telegram, and Steam to bypass Two-Factor Authentication (2FA).
- Screenshots, hardware specifications, and IP address.

Recommended Actions

If you have interacted with this file:

- Log out of all active sessions on platforms like Google, Discord, and GitHub to invalidate stolen session cookies.
- From a clean device, change passwords for your primary email, banking, and any accounts involving financial data.

If you haven't opened the file yet, and empty your recycle bin.