Intel Name: I StealC You: Tracking the Rapid Changes to StealC
Date of Scan: May 2, 2025
Impact: Medium
Summary: The report examines the rapid evolution of the StealC malware, with a focus on version 2 (released in March 2025). Notable upgrades include a streamlined C2 protocol, RC4 encryption, and new payload delivery options such as MSI packages and PowerShell scripts. A revamped control panel enables tailored payload deployment based on geolocation, HWID, and installed software. Enhanced capabilities like multi-monitor screenshots, a unified file grabber, and server-side credential brute-forcing underscore StealC V2’s increased sophistication and threat potential.