Trojan:Win64/StealC.PGSC!MTB - Windows Defender threat signature analysis

=== THREAT ANALYSIS REPORT ===
Threat Name: Trojan:Win64/StealC.PGSC!MTB
Classification:
  Type: Trojan
  Platform: Win64
  Family: StealC
  Detection Type: Concrete (known malware family with identified signatures)
  Variant: PGSC (specific signature variant within the malware family)
  Suffix: !MTB (detected via machine learning and behavioral analysis)
Detection Method: Behavioral
Confidence: Very High
False-Positive Risk: Low

Concrete signature match: Trojan (appears legitimate but performs malicious actions), 64-bit Windows platform, family StealC.

Summary:

This is a concrete detection of Trojan:Win64/StealC.PGSC, a specific variant of the StealC data stealer targeting 64-bit Windows systems. The !MTB suffix indicates that the detection is backed by machine learning and behavioral analysis. The threat is designed to exfiltrate sensitive information, including credentials, browser data, and cryptocurrency wallet information.

Severity: High
VDM Static Detection: No detailed analysis available from definition files.
Known malware samples associated with this threat:
  Filename: 0b6d833a53f813296cd1d225ee9e0834.exe
  SHA-256:  d80566e89d6392f8154b95c81a8fa02ada707d6883497c8a264a7d465b3da622
  Date:     14/12/2025
  Filename: d7a550d3a02c4d6f8a226259847a9a10_build.exe
  SHA-256:  9f63d82fd334044ca49d3b503f36180e4e21aec9e2134e13f8e23f862156ecc6
  Date:     13/12/2025
  Filename: 7d05ca2babff4800adb9219d4a6e9d8e_build.exe
  SHA-256:  6acf2dfb2433d71da724fb940beb97b9fdf3d1d44b069f003fa915cc527bf51d
  Date:     13/12/2025
  Filename: 7c8049d115d44f10a0cf92c3a00b4086_build.exe
  SHA-256:  7f2ef8c397e788078721017fe6be62d5b8a1fd2090b677f742a3b8613cf15f45
  Date:     13/12/2025
  Filename: f3d5a80d27c049f2ba17d69b09c13bd5_build.exe
  SHA-256:  aa9b78c1ac0725cf223f4f85c66e7b85f5b5159a7867799970a3ed30ddec04d4
  Date:     13/12/2025
Remediation Steps:
Immediately isolate the affected system and perform a full system scan with an updated antivirus program to remove all detected threats. Subsequently, change all critical passwords (e.g., banking, email) and monitor accounts for suspicious activity to mitigate potential data theft.
=== END REPORT ===
This analysis was last updated on 11/12/2025.