GIFTEDCROOK (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

win.giftedcrook (Back to overview)

GIFTEDCROOK

Actor(s): UAC-0226

According to CERT-UA, this stealer used by UAC-0226 is written in C/C++, targeting browser databases and using telegram for data exfiltration.

References

2025-04-07 ⋅ SOC Prime ⋅ Veronika Telychko
UAC-0226 Attack Detection: New Cyber-Espionage Campaign Targeting Ukrainian Innovation Hubs and Government Entities with GIFTEDCROOK Stealer
GIFTEDCROOK UAC-0226

2025-04-06 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Target espionage activity UAC-0226 in relation to the centers of innovation, state and law enforcement services using the GIFTEDCROOK (CERT-UA#14303)
GIFTEDCROOK UAC-0226

There is no Yara-Signature yet.

GIFTEDCROOK Propose Change

References

GIFTEDCROOK