Gomorrah is a stealer with no or little obfuscation that appeared around March 2020. It is sold for about 150$ lifetime for v4 (originally 400$ for v3) or 100$ per month by its developer called "th3darkly / lucifer" (which is also the developer of CosaNostra botnet). The malware's main functionalities are stealing (passwords, cryptocurrency wallets) and loading of tasks and other payloads.
|2021-12-11 ⋅ Twitter (@vxunderground) ⋅ |
Tweet on Gomorrah panel source code leak
|2020-04-22 ⋅ Github (jstrosch) ⋅ |
Gomorrah stealer (.NET binary)
There is no Yara-Signature yet.