AB Stealer

AB Stealer Description

The AB Stealer is a threat used to collect victims' passwords and other information, and it belongs to the large category of threats that carry out information-collecting attacks. Traces of the AB Stealer have existed since April 2016, and it has been updated regularly since its first appearance. Malware analysts have not determined exactly who is responsible for developing and releasing the AB Stealer, but it seems that their primary language is Arabic and that the AB Stealer is being distributed on the Dark Web as a threat builder. The AB Stealer features a Web panel that is relatively simple to use, and it has been released in various custom versions since its initial release. PC security researchers consider threats like the AB Stealer a real danger to victims' data and information, and computer users should take steps immediately if they suspect that their computers have become infected with a threat like the AB Stealer.

Using the Alphabet to Name a Harmful Scheme

The AB Stealer, although simple, seems to have all of the advanced features seen in more sophisticated information-collecting Trojans. It is installed by cybercrooks who use various techniques to hack into victims' computers. The AB Stealer uses a keylogger component to keep track of the victim's activity on the infected computer, and it injects malicious code that allows it to collect passwords for online banks and secure websites. It takes screenshots of the infected computer and sends them to a remote location, and it can run even with limited privileges on the infected computer. The AB Stealer can also extract passwords saved in the most commonly used Web browsers on the Windows operating system.

Additional Details about the AB Stealer and Its Attack

Rather than hosting the AB Stealer's Command and Control servers at a specific location, criminals use compromised websites and servers as its Command and Control servers. After taking advantage of various vulnerabilities, such as weak RDP accounts, the cybercrooks can turn virtually any computer into a Command and Control server, allowing the people responsible for the AB Stealer attack to avoid detection and being tracked down. To prevent these attacks, PC security researchers advise computer users to avoid spam email messages, ensure that all software and website platforms are fully updated, and install a strong security program. According to reports from the AB Stealer's developers themselves, the following are the characteristics of the AB Stealer itself, as well as how it is detected by 35 different anti-virus programs on the market:

Filename: AbBuild v.1.0.exe
Filesize: 80,50 kB
Date: 2016-07-24 17:16:52
MD5: 9e44c10307aa8194753896ecf8102167
SHA1: 6e47601618ef2e2dfb1fed837ba7082cd7a427f4
Status: Infected
Rate: 20/35

Ad-Aware - Trojan.GenericKD.3404642
A-Squared - Trojan.GenericKD.3404642 (B)
Avast - File is clean
AVG Free - Trojan horse PSW.MSIL.BBDK
AntiVir (Avira) - TR/Keylog.exvk
BitDefender - Trojan.GenericKD.3404642
BullGuard - Gen:Variant.Razy.82094
Clam Antivirus - File is clean
COMODO Internet Security - File is clean
Dr.Web - File is clean
ESET NOD32 - Trojan.MSIL/Spy.Keylogger.AVQ
eTrust-Vet - Trojan.GenericKD.3404642
FortiClient - File is clean
F-PROT Antivirus - File is clean
F-Secure Internet Security - Trojan.GenericKD.3404642
G Data - Trojan.GenericKD.3404642
IKARUS Security - Trojan-PWS.MSIL
K7 Ultimate - Spyware ( 004bcf421 )
Kaspersky Antivirus - HEUR:Trojan.Win32.Generic
McAfee - File is clean
MS Security Essentials - TrojanSpy:Win32/Skeeyah.A!rfn
NANO Antivirus - File is clean
Norman - Trojan.GenericKD.3404642
Norton Antivirus - File is clean
Panda CommandLine - Trj/GdSda.A
Panda Security - Suspicious
Quick Heal Antivirus - EE:Malware.GenericKD.3404642
Solo Antivirus - File is clean
Sophos - Mal/Generic-S
SUPERAntiSpyware - File is clean
Trend Micro Internet Security - File is clean
Twister Antivirus - File is clean
VBA32 Antivirus - File is clean
VIPRE - Trojan.Win32.Generic=21BT
Zoner AntiVirus - File is clean
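
With 15 of the 35 engines above reporting the file as clean, a direct hash sweep is a useful supplementary check. The Python script below is an added example, not part of the original article or of any vendor tool: it walks a directory tree and reports files whose MD5 or SHA1 matches the sample hashes listed above. The function names and the reporting of unreadable files are assumptions of this example, and because the AB Stealer is a builder released in custom versions, a match identifies only this one reported sample.

```python
import hashlib
import os
import sys

# Hashes of the "AbBuild v.1.0.exe" sample, copied from the report above.
AB_STEALER_IOCS = {
    "md5": {"9e44c10307aa8194753896ecf8102167"},
    "sha1": {"6e47601618ef2e2dfb1fed837ba7082cd7a427f4"},
}


def file_digests(path, chunk_size=1 << 20):
    """Return {"md5": hex, "sha1": hex} for a file, read once in chunks."""
    hashers = {"md5": hashlib.md5(), "sha1": hashlib.sha1()}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def sweep(root, iocs=AB_STEALER_IOCS):
    """Walk root; return (hits, unreadable).

    hits are (path, algorithm, digest) tuples for files matching an IOC;
    unreadable lists files that could not be hashed, so gaps stay visible.
    """
    hits, unreadable = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                digests = file_digests(path)
            except OSError:  # locked file, access denied, vanished file
                unreadable.append(path)
                continue
            for algo, digest in digests.items():
                if digest in iocs.get(algo, ()):
                    hits.append((path, algo, digest))
                    break  # one hit per file is enough
    return hits, unreadable


if __name__ == "__main__":
    found, skipped = sweep(sys.argv[1] if len(sys.argv) > 1 else ".")
    for path, algo, digest in found:
        print(f"MATCH {algo}={digest} {path}")
    print(f"{len(found)} match(es), {len(skipped)} unreadable file(s)")
```

Run it with the directory to check as the only argument; files listed as unreadable should be re-checked from an account that can open them.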
