Amatera (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

win.amatera (Back to overview)

Amatera

Amatera is a stealer written in C++. It conducts anti-sandbox analysis before enumerating browsers, exfiltrating found cryptocurrency files/wallets and possibly credentials.

References

2025-07-07 ⋅ Github (VenzoV) ⋅ VenzoV
Golang garbled executable from Amatera config
Amatera

2025-06-20 ⋅ Github (VenzoV) ⋅ VenzoV
Analysis of Amatera Stealer v1 (Test build)
Amatera

2025-06-16 ⋅ Proofpoint ⋅ Jeremy Hedges, Proofpoint Threat Research Team, Tommy Madjar
Amatera Stealer: Rebranded ACR Stealer With Improved Evasion, Sophistication
ACR Stealer Amatera

2025-06-10 ⋅ abuse.ch
MalwareBazaar | SHA256 73fd51d4a0959e5c5a82db9be0d765069d02a2b97f51f55f5d6422a7bec01caa (AmateraStealer)
Amatera

There is no Yara-Signature yet.

Amatera Propose Change

References

Amatera