A new Gremlin Stealer variant appears to tuck malicious payload material into .NET resources, a move that can make static inspection less effective while the infostealer hunts for cookies, tokens, cards, and wallet data.