SYMBOLCOMMON_NAMEaka. SYNONYMS
win.giftedcrook (Back to overview)

GIFTEDCROOK

According to CERT-UA, this stealer used by UAC-0226 is written in C/C++, targeting browser databases and using telegram for data exfiltration.

References
2025-04-07SOC PrimeVeronika Telychko
UAC-0226 Attack Detection: New Cyber-Espionage Campaign Targeting Ukrainian Innovation Hubs and Government Entities with GIFTEDCROOK Stealer
GIFTEDCROOK UAC-0219
2025-04-06Cert-UACert-UA
Target espionage activity UAC-0226 in relation to the centers of innovation, state and law enforcement services using the GIFTEDCROOK (CERT-UA#14303)
GIFTEDCROOK

There is no Yara-Signature yet.