Unmasked: Salat Stealer – A Deep Dive into Its Advanced Persistence Mechanisms and C2 Infrastructure

Released on 2025-09-06 @ 11:30:05 AM

Salat Stealer, a sophisticated Go-based infostealer targeting Windows systems, has been identified. It exfiltrates browser credentials, cryptocurrency wallet data, and session information while employing advanced evasion techniques. The malware uses UPX packing, process masquerading, registry run keys, and scheduled tasks for persistence and evasion. Operated under a Malware-as-a-Service model by Russian-speaking actors, it leverages resilient C2 infrastructure. The stealer targets multiple browsers, cryptocurrency wallets, and Telegram sessions. It communicates with its C2 server using UDP and HTTPS, with multiple fallback domains for redundancy. The control panel supports real-time interaction through WebSockets and includes features for remote command execution and system manipulation.