Upon execution, the malware may use "process hollowing" to inject its malicious code into a legitimate Windows process (like RegAsm.exe or vbc.exe ) to evade detection.
: Targets web browsers, FTP clients, and email applications to extract saved passwords. New folder (2).7z
: Gathers hardware specifications, IP addresses, and operating system details. Upon execution, the malware may use "process hollowing"