Bandit Stealer | ThreatLabz By Mallikarjun Piddannavar Published: 2023-06-03 · Archived: 2026-04-06 00:39:51 UTC 7AB5C494-39F5-4941- 9163-47F54D6D5016 050C3342-FADD-AEDF-EF24- C6454E1A73C9 BB233342-2E01-718F-D4A1-E7F69D02642879AF5279-16CF-4094- 9758-F88A616D81B4 03DE0294-0480-05DE-1A06-3507000800094DC32042-E601-F329- 21C1-03F27564FD6C 9921DE3A-5C1A-DF11-9078- 563412000026 FF577B79-782E-0A4D-8568-B35A9B7EB76B 11111111-2222-3333- 4444-555555555555 DEAEB8CE-A573- 9F48-BD40- 62ED6C223F20 CC5B3F62-2A04- 4D2E-A46C-AA41B7050712 08C1E400-3C56-11EA-8000-3CECEF43FEDE 6F3CA5EC-BEC9- 4A4D-8274- 11168F640058 05790C00-3B21-11EA-8000-3CECEF4400D000000000-0000-0000- 0000-AC1F6BD04986 6ECEAF72-3548-476C-BD8D-73134A9182C8 ADEEEE9E-EF0A-6B84-B14B-B83A54AFC5485EBD2E42-1DB8- 78A6-0EC3- 031B661D5C57 C249957A-AA08- 4B21-933F-9271BEC63C85 49434D53-0200-9036- 2500-369025003865 4C4C4544-0050-3710- 8058-CAC04F59344A 9C6D1742-046D-BC94-ED09- C36F70CC9A91 BE784D56-81F5- 2C8D-9D4B-5AB56F05D86E 119602E8-92F9-BD4B-8979-DA682276D385 00000000-0000-0000- 0000-AC1F6BD04972 907A2A79-7116-4CB6- 9FA5-E5A58C4587CD ACA69200-3C4C-11EA-8000- 3CECEF4401AA 12204D56-28C0-AB03- 51B7-44A8B7525250 https://www.zscaler.com/blogs/security-research/technical-analysis-bandit-stealer Page 1 of 3 00000000-0000-0000- 0000-000000000000 A9C83342-4800-0578- 1EE8-BA26D2A678D2 3F284CA4-8BDF-489B-A273- 41B44D668F6D 921E2042-70D3-F9F1- 8CBD-B398A21F89C6 5BD24D56-789F-8468- 7CDC-CAA7222CC121 D7382042-00A0-A6F0- 1E51-FD1BBF06CD71 BB64E044-87BA-C847-BC0A-C797D1A16A50 D8C30328-1B06-4611- 8E3C-E433F4F9794E 49434D53-0200-9065- 2500-65902500E439 1D4D3342-D6C4- 710C-98A3- 9CC6571234D5 2E6FB594-9D55-4424- 8E74-CE25A25E36B0 00000000-0000-0000- 0000-50E5493391EF 49434D53-0200-9036- 2500-36902500F022 CE352E42-9339-8484- 293A-BD50CDC639A5 42A82042-3F13-512F-5E3D-6BF4FFFD851800000000-0000-0000- 0000-AC1F6BD04D98 777D84B3-88D1-451C-93E4-D235177420A760C83342-0A97-928D-7316-5F1080A78E7238AB3342-66B0-7175- 0B23-F390B3728B78 4CB82042-BA8F-1748- C941-363C391CA7F3 49434D53-0200-9036- 2500-369025000C65 02AD9898-FA37- 11EB-AC55- 1D0C0A67EA8A 48941AE9-D52F-11DF-BBDA-503734826431B6464A2B-92C7-4B95- A2D0-E5410081B812 B1112042-52E8-E25B-3655-6A4F54155DBF DBCC3514-FA57- 477D-9D1F-1CAF4CC92D0F 032E02B4-0499-05C3- 0806-3C0700080009 FA8C2042-205D-13B0- FCB5-C5CC55577A35 00000000-0000-0000- 0000-AC1F6BD048FE FED63342-E0D6- C669-D53F-253D696D74DA DD9C3342-FB80- 9A31-EB04- 5794E5AE2B4C C6B32042-4EC3-6FDF-C725-6F63914DA7C7 EB16924B-FB6D-4FA1- 8666-17B91F62FB37 2DD1B176-C043- 49A4-830F-C623FFB88F3C E08DE9AA-C704- 4261-B32D-57B2A3993518 FCE23342-91F1-EAFC-BA97-5AAE4509E173 https://www.zscaler.com/blogs/security-research/technical-analysis-bandit-stealer Page 2 of 3 A15A930C-8251-9645- AF63-E45AD728C20C 4729AEB0-FC07-11E3- 9673-CE39E79C8A00 07E42E42-F43D-3E1C-1C6B-9C7AC120F3B9 CF1BE00F-4AAF-455E-8DCD-B5B09B6BFA8F 67E595EB-54AC-4FF0- B5E3-3DA7C7B547E3 84FE3342-6C67-5FC6- 5639-9B3CA3D775A1 88DC3342-12E6-7D62- B0AE-C80E578E7B07 365B4000-3B25-11EA-8000-3CECEF44010C C7D23342-A5D4-68A1- 59AC-CF40F735B363 DBC22E42-59F7-1329- D9F2-E78A2EE5BD0D 5E3E7FE0-2636-4CB7- 84F5-8D2650FFEC0E 63FA3342-31C7-4E8E-8089-DAFF6CE5E967 63203342-0EB0-AA1A-4DF5-3FB37DBB0670 CEFC836C-8CB1- 45A6-ADD7- 209085EE2A57 96BB3342-6335-0FA8- BA29- E1BA5D8FEFBE 8DA62042-8B59-B4E3- D232-38B29A10964A 44B94D56-65AB-DC02-86A0- 98143A7423BF A7721742-BE24- 8A1C-B859- D7F8251A83D3 0934E336-72E4-4E6A-B3E5-383BD8E938C33A9F3342-D1F2-DF37- 68AE-C10F60BFB462 6608003F-ECE4-494E-B07E-1C4615D1D93C3F3C58D1-B4F2-4019- B2A2-2A500E96AF2E 12EE3342-87A2-32DE-A390-4C2DA4D512E9F5744000-3C78-11EA-8000-3CECEF43FEFE D9142042-8F51-5EFF-D5F8-EE9AE3D1602AD2DC3342-396C-6737- A8F6-0C6673C1DE08 38813342-D7D0-DFC8- C56F-7FC9DFE5C972 AF1B2042-4B90-0000- A4E4-632A1C8C7EB1 49434D53-0200-9036- 2500-369025003AF0 EADD1742-4807- 00A0-F92E-CCD933E9D8C1 FE455D1A-BE27- 4BA4-96C8- 967A6D3A9661 4D4DDC94-E06C-44F4-95FE-33A1ADA5AC27 8B4E8278-525C-7343- B825-280AEBCD3BCB       Source: https://www.zscaler.com/blogs/security-research/technical-analysis-bandit-stealer https://www.zscaler.com/blogs/security-research/technical-analysis-bandit-stealer Page 3 of 3 https://www.zscaler.com/blogs/security-research/technical-analysis-bandit-stealer 3F284CA4-8BDF 00000000-0000-0000- A9C83342-4800-0578- 921E2042-70D3-F9F1- 489B-A273- 0000-000000000000 1EE8-BA26D2A678D2 8CBD-B398A21F89C6 41B44D668F6D BB64E044-87BA 5BD24D56-789F-8468- D7382042-00A0-A6F0- D8C30328-1B06-4611- C847-BC0A 7CDC-CAA7222CC121 1E51-FD1BBF06CD71 8E3C-E433F4F9794E C797D1A16A50 1D4D3342-D6C4- 49434D53-0200-9065- 2E6FB594-9D55-4424- 00000000-0000-0000- 710C-98A3- 2500-65902500E439 8E74-CE25A25E36B0 0000-50E5493391EF 9CC6571234D5 49434D53-0200-9036- CE352E42-9339-8484- 42A82042-3F13-512F 00000000-0000-0000- 2500-36902500F022 293A-BD50CDC639A5 5E3D-6BF4FFFD8518 0000-AC1F6BD04D98 777D84B3-88D1-451C 60C83342-0A97-928D 38AB3342-66B0-7175- 4CB82042-BA8F-1748- 93E4-D235177420A7 7316-5F1080A78E72 0B23-F390B3728B78 C941-363C391CA7F3 02AD9898-FA37- 49434D53-0200-9036- 48941AE9-D52F-11DF B6464A2B-92C7-4B95- 11EB-AC55- 2500-369025000C65 BBDA-503734826431 A2D0-E5410081B812 1D0C0A67EA8A DBCC3514-FA57- B1112042-52E8-E25B 032E02B4-0499-05C3- FA8C2042-205D-13B0- 477D-9D1F 3655-6A4F54155DBF 0806-3C0700080009 FCB5-C5CC55577A35 1CAF4CC92D0F FED63342-E0D6- DD9C3342-FB80- 00000000-0000-0000- C6B32042-4EC3-6FDF C669-D53F 9A31-EB04- 0000-AC1F6BD048FE C725-6F63914DA7C7 253D696D74DA 5794E5AE2B4C 2DD1B176-C043- E08DE9AA-C704- EB16924B-FB6D-4FA1- FCE23342-91F1-EAFC 49A4-830F 4261-B32D 8666-17B91F62FB37 BA97-5AAE4509E173 C623FFB88F3C 57B2A3993518 Page 2 of 3 https://www.zscaler.com/blogs/security-research/technical-analysis-bandit-stealer CF1BE00F-4AAF A15A930C-8251-9645- 4729AEB0-FC07-11E3- 07E42E42-F43D-3E1C 455e-8DCD AF63-E45AD728C20C 9673-CE39E79C8A00 1C6B-9C7AC120F3B9 B5B09B6BFA8F 67E595EB-54AC-4FF0- 84FE3342-6C67-5FC6- 88DC3342-12E6-7D62- 365B4000-3B25-11EA B5E3-3DA7C7B547E3 5639-9B3CA3D775A1 B0Ae-C80E578E7B07 8000-3CECEF44010C C7D23342-A5D4-68A1- DBC22E42-59F7-1329- 5E3E7FE0-2636-4CB7- 63FA3342-31C7-4E8E 59AC-CF40F735B363 D9F2-E78A2EE5BD0D 84F5-8D2650FFEC0E 8089-DAFF6CE5E967 CEFC836C-8CB1- 96BB3342-6335-0FA8- 63203342-0EB0-AA1A 8DA62042-8B59-B4E3- 45A6-ADD7- BA29- 4DF5-3FB37DBB0670 D232-38B29A10964A 209085EE2A57 E1BA5D8FEFBE 44B94D56-65AB A7721742-BE24- 0934E336-72E4-4E6A 3A9F3342-D1F2-DF37- DC02-86A0- 8A1C-B859- B3E5-383BD8E938C3 68Ae-C10F60BFB462 98143A7423BF D7F8251A83D3 6608003F-ECE4-494E 3F3C58D1-B4F2-4019- 12EE3342-87A2-32DE F5744000-3C78-11EA B07e-1C4615D1D93C B2A2-2A500E96AF2E A390-4C2DA4D512E9 8000-3CECEF43FEFE D9142042-8F51-5EFF D2DC3342-396C-6737- 38813342-D7D0-DFC8- AF1B2042-4B90-0000- D5F8-EE9AE3D1602A A8F6-0C6673C1DE08 C56F-7FC9DFE5C972 A4E4-632A1C8C7EB1 EADD1742-4807- FE455D1A-BE27- 4D4DDC94-E06C 49434D53-0200-9036- 00A0-F92E 4BA4-96C8- 44F4-95FE 2500-369025003AF0 CCD933E9D8C1 967A6D3A9661 33A1ADA5AC27 8B4E8278-525C-7343- B825-280AEBCD3BCB Source: https://www.zscaler.com/blogs/security-research/technical-analysis-bandit-stealer Page 3 of 3