Disconnect from the network to prevent data exfiltration.
Malware analysis: MailRanger.exe - Malicious activity (ANY.RUN)
2EEDE3040BB67009BC425B48643A6A34A9A28655805CDD09756D25A3930C5922
Distribution: Often distributed via phishing campaigns.
Includes evasion techniques, exfiltration (often via Telegram APIs), and use of the Delphi programming language.
Since the file is known to steal passwords, all sensitive credentials used on the infected machine should be reset from a clean device.