It can modify the Windows Registry to ensure it launches every time the computer starts.
Astral Stealer v1.8 is engineered to "grab" almost any valuable digital asset it finds on an infected machine. Its primary targets include:
The malware scans for local wallet applications and browser extensions, including MetaMask, Phantom, Trust Wallet, and desktop clients like BitcoinCore and DashCore.
It collects hardware IDs, IP addresses, and screenshots of the victim's desktop.
Sophisticated Evasion Techniques
The malware checks whether it is running in a virtual machine (often used by security researchers) and, if so, self-terminates to avoid analysis.
It specifically targets platforms like Steam, Roblox, and Minecraft, attempting to hijack accounts for resale or unauthorized use.
The malware is often sold as a service or shared on platforms like GitHub and Telegram, where attackers can use a "builder" to create their own custom version of the Astral-Stealer-v1.8.zip file.
Key Malicious Capabilities
It extracts saved passwords, session cookies (which allow hackers to bypass Multi-Factor Authentication), autofill information, and credit card details from browsers like Chrome and Edge.