{
	"id": "27e2ac01-367e-4241-90ef-e91ae1bc18b2",
	"created_at": "2026-04-06T01:31:08.377567Z",
	"updated_at": "2026-04-10T03:22:10.944963Z",
	"deleted_at": null,
	"sha1_hash": "e5510867dd0bb9f80487dc8f02cc71a352ea027e",
	"title": "Bandit Stealer | ThreatLabz",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 32846,
	"plain_text": "Bandit Stealer | ThreatLabz\r\nBy Mallikarjun Piddannavar\r\nPublished: 2023-06-03 · Archived: 2026-04-06 00:39:51 UTC\r\n7AB5C494-39F5-4941-\r\n9163-47F54D6D5016\r\n050C3342-FADD-AEDF-EF24-\r\nC6454E1A73C9\r\nBB233342-2E01-718F-D4A1-E7F69D02642879AF5279-16CF-4094-\r\n9758-F88A616D81B4\r\n03DE0294-0480-05DE-1A06-3507000800094DC32042-E601-F329-\r\n21C1-03F27564FD6C\r\n9921DE3A-5C1A-DF11-9078-\r\n563412000026\r\nFF577B79-782E-0A4D-8568-B35A9B7EB76B\r\n11111111-2222-3333-\r\n4444-555555555555\r\nDEAEB8CE-A573-\r\n9F48-BD40-\r\n62ED6C223F20\r\nCC5B3F62-2A04-\r\n4D2E-A46C-AA41B7050712\r\n08C1E400-3C56-11EA-8000-3CECEF43FEDE\r\n6F3CA5EC-BEC9-\r\n4A4D-8274-\r\n11168F640058\r\n05790C00-3B21-11EA-8000-3CECEF4400D000000000-0000-0000-\r\n0000-AC1F6BD04986\r\n6ECEAF72-3548-476C-BD8D-73134A9182C8\r\nADEEEE9E-EF0A-6B84-B14B-B83A54AFC5485EBD2E42-1DB8-\r\n78A6-0EC3-\r\n031B661D5C57\r\nC249957A-AA08-\r\n4B21-933F-9271BEC63C85\r\n49434D53-0200-9036-\r\n2500-369025003865\r\n4C4C4544-0050-3710-\r\n8058-CAC04F59344A\r\n9C6D1742-046D-BC94-ED09-\r\nC36F70CC9A91\r\nBE784D56-81F5-\r\n2C8D-9D4B-5AB56F05D86E\r\n119602E8-92F9-BD4B-8979-DA682276D385\r\n00000000-0000-0000-\r\n0000-AC1F6BD04972\r\n907A2A79-7116-4CB6-\r\n9FA5-E5A58C4587CD\r\nACA69200-3C4C-11EA-8000-\r\n3CECEF4401AA\r\n12204D56-28C0-AB03-\r\n51B7-44A8B7525250\r\nhttps://www.zscaler.com/blogs/security-research/technical-analysis-bandit-stealer\r\nPage 1 of 3\n\n00000000-0000-0000-\r\n0000-000000000000\r\nA9C83342-4800-0578-\r\n1EE8-BA26D2A678D2\r\n3F284CA4-8BDF-489B-A273-\r\n41B44D668F6D\r\n921E2042-70D3-F9F1-\r\n8CBD-B398A21F89C6\r\n5BD24D56-789F-8468-\r\n7CDC-CAA7222CC121\r\nD7382042-00A0-A6F0-\r\n1E51-FD1BBF06CD71\r\nBB64E044-87BA-C847-BC0A-C797D1A16A50\r\nD8C30328-1B06-4611-\r\n8E3C-E433F4F9794E\r\n49434D53-0200-9065-\r\n2500-65902500E439\r\n1D4D3342-D6C4-\r\n710C-98A3-\r\n9CC6571234D5\r\n2E6FB594-9D55-4424-\r\n8E74-CE25A25E36B0\r\n00000000-0000-0000-\r\n0000-50E5493391EF\r\n49434D53-0200-9036-\r\n2500-36902500F022\r\nCE352E42-9339-8484-\r\n293A-BD50CDC639A5\r\n42A82042-3F13-512F-5E3D-6BF4FFFD851800000000-0000-0000-\r\n0000-AC1F6BD04D98\r\n777D84B3-88D1-451C-93E4-D235177420A760C83342-0A97-928D-7316-5F1080A78E7238AB3342-66B0-7175-\r\n0B23-F390B3728B78\r\n4CB82042-BA8F-1748-\r\nC941-363C391CA7F3\r\n49434D53-0200-9036-\r\n2500-369025000C65\r\n02AD9898-FA37-\r\n11EB-AC55-\r\n1D0C0A67EA8A\r\n48941AE9-D52F-11DF-BBDA-503734826431B6464A2B-92C7-4B95-\r\nA2D0-E5410081B812\r\nB1112042-52E8-E25B-3655-6A4F54155DBF\r\nDBCC3514-FA57-\r\n477D-9D1F-1CAF4CC92D0F\r\n032E02B4-0499-05C3-\r\n0806-3C0700080009\r\nFA8C2042-205D-13B0-\r\nFCB5-C5CC55577A35\r\n00000000-0000-0000-\r\n0000-AC1F6BD048FE\r\nFED63342-E0D6-\r\nC669-D53F-253D696D74DA\r\nDD9C3342-FB80-\r\n9A31-EB04-\r\n5794E5AE2B4C\r\nC6B32042-4EC3-6FDF-C725-6F63914DA7C7\r\nEB16924B-FB6D-4FA1-\r\n8666-17B91F62FB37\r\n2DD1B176-C043-\r\n49A4-830F-C623FFB88F3C\r\nE08DE9AA-C704-\r\n4261-B32D-57B2A3993518\r\nFCE23342-91F1-EAFC-BA97-5AAE4509E173\r\nhttps://www.zscaler.com/blogs/security-research/technical-analysis-bandit-stealer\r\nPage 2 of 3\n\nA15A930C-8251-9645-\r\nAF63-E45AD728C20C\r\n4729AEB0-FC07-11E3-\r\n9673-CE39E79C8A00\r\n07E42E42-F43D-3E1C-1C6B-9C7AC120F3B9\r\nCF1BE00F-4AAF-455E-8DCD-B5B09B6BFA8F\r\n67E595EB-54AC-4FF0-\r\nB5E3-3DA7C7B547E3\r\n84FE3342-6C67-5FC6-\r\n5639-9B3CA3D775A1\r\n88DC3342-12E6-7D62-\r\nB0AE-C80E578E7B07\r\n365B4000-3B25-11EA-8000-3CECEF44010C\r\nC7D23342-A5D4-68A1-\r\n59AC-CF40F735B363\r\nDBC22E42-59F7-1329-\r\nD9F2-E78A2EE5BD0D\r\n5E3E7FE0-2636-4CB7-\r\n84F5-8D2650FFEC0E\r\n63FA3342-31C7-4E8E-8089-DAFF6CE5E967\r\n63203342-0EB0-AA1A-4DF5-3FB37DBB0670\r\nCEFC836C-8CB1-\r\n45A6-ADD7-\r\n209085EE2A57\r\n96BB3342-6335-0FA8-\r\nBA29-\r\nE1BA5D8FEFBE\r\n8DA62042-8B59-B4E3-\r\nD232-38B29A10964A\r\n44B94D56-65AB-DC02-86A0-\r\n98143A7423BF\r\nA7721742-BE24-\r\n8A1C-B859-\r\nD7F8251A83D3\r\n0934E336-72E4-4E6A-B3E5-383BD8E938C33A9F3342-D1F2-DF37-\r\n68AE-C10F60BFB462\r\n6608003F-ECE4-494E-B07E-1C4615D1D93C3F3C58D1-B4F2-4019-\r\nB2A2-2A500E96AF2E\r\n12EE3342-87A2-32DE-A390-4C2DA4D512E9F5744000-3C78-11EA-8000-3CECEF43FEFE\r\nD9142042-8F51-5EFF-D5F8-EE9AE3D1602AD2DC3342-396C-6737-\r\nA8F6-0C6673C1DE08\r\n38813342-D7D0-DFC8-\r\nC56F-7FC9DFE5C972\r\nAF1B2042-4B90-0000-\r\nA4E4-632A1C8C7EB1\r\n49434D53-0200-9036-\r\n2500-369025003AF0\r\nEADD1742-4807-\r\n00A0-F92E-CCD933E9D8C1\r\nFE455D1A-BE27-\r\n4BA4-96C8-\r\n967A6D3A9661\r\n4D4DDC94-E06C-44F4-95FE-33A1ADA5AC27\r\n8B4E8278-525C-7343-\r\nB825-280AEBCD3BCB\r\n     \r\nSource: https://www.zscaler.com/blogs/security-research/technical-analysis-bandit-stealer\r\nhttps://www.zscaler.com/blogs/security-research/technical-analysis-bandit-stealer\r\nPage 3 of 3\n\n https://www.zscaler.com/blogs/security-research/technical-analysis-bandit-stealer 3F284CA4-8BDF\u0002 \n00000000-0000-0000- A9C83342-4800-0578-  921E2042-70D3-F9F1-\n  489B-A273- \n0000-000000000000 1EE8-BA26D2A678D2  8CBD-B398A21F89C6\n  41B44D668F6D \n  BB64E044-87BA\u0002 \n5BD24D56-789F-8468- D7382042-00A0-A6F0-  D8C30328-1B06-4611-\n  C847-BC0A\u0002 \n7CDC-CAA7222CC121 1E51-FD1BBF06CD71  8E3C-E433F4F9794E\n  C797D1A16A50 \n 1D4D3342-D6C4-  \n49434D53-0200-9065-  2E6FB594-9D55-4424- 00000000-0000-0000-\n 710C-98A3-  \n2500-65902500E439  8E74-CE25A25E36B0 0000-50E5493391EF\n 9CC6571234D5  \n49434D53-0200-9036- CE352E42-9339-8484- 42A82042-3F13-512F\u0002 00000000-0000-0000-\n2500-36902500F022 293A-BD50CDC639A5 5E3D-6BF4FFFD8518 0000-AC1F6BD04D98\n777D84B3-88D1-451C\u0002 60C83342-0A97-928D\u0002 38AB3342-66B0-7175- 4CB82042-BA8F-1748-\n93E4-D235177420A7 7316-5F1080A78E72 0B23-F390B3728B78 C941-363C391CA7F3\n 02AD9898-FA37-  \n49434D53-0200-9036-  48941AE9-D52F-11DF\u0002 B6464A2B-92C7-4B95-\n 11EB-AC55-  \n2500-369025000C65  BBDA-503734826431 A2D0-E5410081B812\n 1D0C0A67EA8A  \n DBCC3514-FA57-  \nB1112042-52E8-E25B\u0002  032E02B4-0499-05C3- FA8C2042-205D-13B0-\n 477D-9D1F\u0002  \n3655-6A4F54155DBF  0806-3C0700080009 FCB5-C5CC55577A35\n 1CAF4CC92D0F  \n FED63342-E0D6- DD9C3342-FB80- \n00000000-0000-0000-   C6B32042-4EC3-6FDF\u0002\n C669-D53F\u0002 9A31-EB04- \n0000-AC1F6BD048FE   C725-6F63914DA7C7\n 253D696D74DA 5794E5AE2B4C \n 2DD1B176-C043- E08DE9AA-C704- \nEB16924B-FB6D-4FA1-   FCE23342-91F1-EAFC\u0002\n 49A4-830F\u0002 4261-B32D\u0002 \n8666-17B91F62FB37   BA97-5AAE4509E173\n C623FFB88F3C 57B2A3993518 \n  Page 2 of 3 \n\n https://www.zscaler.com/blogs/security-research/technical-analysis-bandit-stealer  CF1BE00F-4AAF\u0002\nA15A930C-8251-9645- 4729AEB0-FC07-11E3- 07E42E42-F43D-3E1C\u0002 \n   455e-8DCD\u0002\nAF63-E45AD728C20C 9673-CE39E79C8A00 1C6B-9C7AC120F3B9 \n   B5B09B6BFA8F\n67E595EB-54AC-4FF0- 84FE3342-6C67-5FC6- 88DC3342-12E6-7D62- 365B4000-3B25-11EA\u0002\nB5E3-3DA7C7B547E3 5639-9B3CA3D775A1 B0Ae-C80E578E7B07 8000-3CECEF44010C\nC7D23342-A5D4-68A1- DBC22E42-59F7-1329- 5E3E7FE0-2636-4CB7- 63FA3342-31C7-4E8E\u0002\n59AC-CF40F735B363 D9F2-E78A2EE5BD0D 84F5-8D2650FFEC0E 8089-DAFF6CE5E967\n CEFC836C-8CB1- 96BB3342-6335-0FA8- \n63203342-0EB0-AA1A\u0002   8DA62042-8B59-B4E3-\n 45A6-ADD7- BA29- \n4DF5-3FB37DBB0670   D232-38B29A10964A\n 209085EE2A57 E1BA5D8FEFBE \n44B94D56-65AB\u0002 A7721742-BE24-  \n  0934E336-72E4-4E6A\u0002 3A9F3342-D1F2-DF37-\nDC02-86A0- 8A1C-B859-  \n  B3E5-383BD8E938C3 68Ae-C10F60BFB462\n98143A7423BF D7F8251A83D3  \n6608003F-ECE4-494E\u0002 3F3C58D1-B4F2-4019- 12EE3342-87A2-32DE\u0002 F5744000-3C78-11EA\u0002\nB07e-1C4615D1D93C B2A2-2A500E96AF2E A390-4C2DA4D512E9 8000-3CECEF43FEFE\nD9142042-8F51-5EFF\u0002 D2DC3342-396C-6737- 38813342-D7D0-DFC8- AF1B2042-4B90-0000-\nD5F8-EE9AE3D1602A A8F6-0C6673C1DE08 C56F-7FC9DFE5C972 A4E4-632A1C8C7EB1\n EADD1742-4807- FE455D1A-BE27- 4D4DDC94-E06C\u0002\n49434D53-0200-9036-   \n 00A0-F92E\u0002 4BA4-96C8- 44F4-95FE\u0002\n2500-369025003AF0   \n CCD933E9D8C1 967A6D3A9661 33A1ADA5AC27\n8B4E8278-525C-7343-   \nB825-280AEBCD3BCB   \nSource: https://www.zscaler.com/blogs/security-research/technical-analysis-bandit-stealer   \n  Page 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"references": [
		"https://www.zscaler.com/blogs/security-research/technical-analysis-bandit-stealer"
	],
	"report_names": [
		"technical-analysis-bandit-stealer"
	],
	"threat_actors": [],
	"ts_created_at": 1775439068,
	"ts_updated_at": 1775791330,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/e5510867dd0bb9f80487dc8f02cc71a352ea027e.pdf",
		"text": "https://archive.orkl.eu/e5510867dd0bb9f80487dc8f02cc71a352ea027e.txt",
		"img": "https://archive.orkl.eu/e5510867dd0bb9f80487dc8f02cc71a352ea027e.jpg"
	}
}