Overview

overview

10

Static

static

3

AppSetup_U...er.rar

windows10-2004-x64

3

AppSetup_U...am.pak

windows10-2004-x64

3

AppSetup_U...de.ps1

windows10-2004-x64

1

AppSetup_U...el.pak

windows10-2004-x64

3

AppSetup_U...GB.pak

windows10-2004-x64

3

AppSetup_U...US.pak

windows10-2004-x64

3

AppSetup_U...19.pak

windows10-2004-x64

3

AppSetup_U...es.pak

windows10-2004-x64

3

AppSetup_U...et.pak

windows10-2004-x64

3

AppSetup_U...fa.pak

windows10-2004-x64

3

AppSetup_U...fi.pak

windows10-2004-x64

3

AppSetup_U...il.pak

windows10-2004-x64

3

AppSetup_U...fr.pak

windows10-2004-x64

3

AppSetup_U...gu.pak

windows10-2004-x64

3

AppSetup_U...he.pak

windows10-2004-x64

3

AppSetup_U...hi.pak

windows10-2004-x64

3

AppSetup_U...hr.pak

windows10-2004-x64

3

AppSetup_U...hu.pak

windows10-2004-x64

3

AppSetup_U...id.pak

windows10-2004-x64

3

AppSetup_U...it.pak

windows10-2004-x64

3

AppSetup_U...ja.pak

windows10-2004-x64

3

AppSetup_U...kn.pak

windows10-2004-x64

3

AppSetup_U...ko.pak

windows10-2004-x64

3

AppSetup_U...lt.pak

windows10-2004-x64

3

AppSetup_U...lv.pak

windows10-2004-x64

3

AppSetup_U...ml.pak

windows10-2004-x64

3

AppSetup_U...nb.ps1

windows10-2004-x64

1

AppSetup_U...app.js

windows10-2004-x64

1

AppSetup_U...te.dll

windows10-2004-x64

3

AppSetup_U...ar.dll

windows10-2004-x64

3

AppSetup_U...ge.dll

windows10-2004-x64

3

AppSetup_U...up.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    AppSetup_Update-Launcher.rar

  • Size

    81.2MB

  • Sample

    230518-nl3ymaae96

  • MD5

    dfc9d426bc049010398cd315e4cb796a

  • SHA1

    6c1e4d4f2e770286d3abea116bec6ded8126f06b

  • SHA256

    f2e6ac8a6218654c3e13d4cf83edc3891cab488f91b68b4cfbd11bc1e2c49bfb

  • SHA512

    e88424a1dec624f72453566cd8fc785d086321ce51f2dcf52a91cd9293c44db3af3a911a268bce3b5af0db3de84224aad6b1428d21dc10433549563c33a6bd1f

  • SSDEEP

    1572864:53aV+g/Ro0Ea4i4RVAEs+mvnGs+mvnaEkU0/+vJqdROIozCJVgtYTPI8TDwIRS:53a8g/RLEaua5+4r+4aEkXWvA+RzCUt7

Score
10/10
vidarb89068e4534861e37a204b27184d8ae5discoveryspywarestealer

Malware Config

Extracted

Family

vidar

Version

3.8

Botnet

b89068e4534861e37a204b27184d8ae5

C2

https://steamcommunity.com/profiles/76561198272578552

https://t.me/libpcre
Attributes
  • profile_id_v2

    b89068e4534861e37a204b27184d8ae5

  • user_agent

    Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Vivaldi/3.7

Targets

    • Target

      AppSetup_Update-Launcher.rar

    • Size

      81.2MB

    • MD5

      dfc9d426bc049010398cd315e4cb796a

    • SHA1

      6c1e4d4f2e770286d3abea116bec6ded8126f06b

    • SHA256

      f2e6ac8a6218654c3e13d4cf83edc3891cab488f91b68b4cfbd11bc1e2c49bfb

    • SHA512

      e88424a1dec624f72453566cd8fc785d086321ce51f2dcf52a91cd9293c44db3af3a911a268bce3b5af0db3de84224aad6b1428d21dc10433549563c33a6bd1f

    • SSDEEP

      1572864:53aV+g/Ro0Ea4i4RVAEs+mvnGs+mvnaEkU0/+vJqdROIozCJVgtYTPI8TDwIRS:53a8g/RLEaua5+4r+4aEkXWvA+RzCUt7

    Score
    3/10
    behavioral1

    • Target

      AppSetup_Update-Launcher/Data/am.pak

    • Size

      531KB

    • MD5

      e8bac983607c5432f789afdacdda42ac

    • SHA1

      95c26f47f7102be338263fd7f7e365632651f22e

    • SHA256

      ee363b88697a26d486c77bbf05f5f7f62d4b40c235e1d85e11448083070576f7

    • SHA512

      5e26f40c8dc088d21b9b6a01041ece3bd4b2899ee33fdd85be995545c7a24860fdc9c672da8c9345a08891e0bac04ccf4d65de543f4cfba0bab0ae3fb32354c7

    • SSDEEP

      12288:GguzxX8xfzKsEYg95z9SBeuUPQvx30jH8+I:GX8xfzKnYg95z9SBoPQr

    Score
    3/10
    behavioral2

    • Target

      AppSetup_Update-Launcher/Data/de.pak

    • Size

      367KB

    • MD5

      cfc9d90273c31ccf66d81739aa76306a

    • SHA1

      ecab570041654b147b3dd118829e2f7ae668f840

    • SHA256

      8bd127d689be65e45bb8d2a2ff66698200da97835809c6b56ec9e2929b70618a

    • SHA512

      c9a5058b34c4045ff1b7ae25f1f47bff14d06b3a97b7b1f30da65618ca7aeb0638d79f4e1cea4773cd92d9dfa7f9d2203e5734d0cfe11ee2d2a460d6cec18380

    • SSDEEP

      6144:F+QNkAjzYyqSFaPjON3Be0mzBWCj0Xs5HgIxBI0gql:cQLjMyvFaCN3mzBd5xy0gql

    Score
    1/10
    behavioral3

    • Target

      AppSetup_Update-Launcher/Data/el.pak

    • Size

      664KB

    • MD5

      8f5a15560710db2af852512b7298b93e

    • SHA1

      30a13ebef10108effbad8c24b680228660658415

    • SHA256

      bc07e403272a4d65305fe24a827404d7b931d01cda547f8c07a840d19e591430

    • SHA512

      e3cedc0eaa82b10a68a40aca8ec1379a6bb924766e1c5abd97e39c621dcbc195d6c1ff80921c2320f0f1c87d160bc2a6258108399876339e5104f98d90a861de

    • SSDEEP

      12288:RdquNwK202pgaZH4q5OaPY3HvO9K63/fgBsbfFnxHuhWTT9rkv0pfBtMMkffFZig:RdquNwK202pgaWqsaA3Hm9K63/fgBs9I

    Score
    3/10
    behavioral4

    • Target

      AppSetup_Update-Launcher/Data/en-GB.pak

    • Size

      299KB

    • MD5

      05ac84aa6987eb1f55021b6fba56d364

    • SHA1

      58cb66bba3af0c6cc742488ccc342d33fc118660

    • SHA256

      e1e357c853eed83fb6c4133f8f4df377a8eda4fe6f0e55395f21c5ab6e38faa8

    • SHA512

      c615e1eb01412c5e2c0402242d442a6cf08965318d1c0d261ca5bc6df9acba5efa2c87ade20e1e4740d2239ea56d1ce4d3fc7a4c3eabe81b876ecb364b3e91b6

    • SSDEEP

      6144:WJeP/KOb6vG8GGvDJAgdMP9ectcaAfaYEnG2J05SSvqo:1COb6ugdMrcarnGf5SSio

    Score
    3/10
    behavioral5

    • Target

      AppSetup_Update-Launcher/Data/en-US.pak

    • Size

      302KB

    • MD5

      3fef69b20e6f9599e9c2369398e571c0

    • SHA1

      92be2b65b62938e6426ab333c82d70d337666784

    • SHA256

      a99bd31907bbdc12bdfbff7b9da6ddd850c273f3a6ece64ee8d1d9b6ef0c501c

    • SHA512

      3057edfb719c07972fd230514ac5e02f88b04c72356fa4a5e5291677dcbab03297942d5ecdc62c8e58d0088aed4d6ea53806c01f0ea622942feb06584241ad2d

    • SSDEEP

      6144:yoaiWmH9xPN6DacNMP9elahdQfaYejDJDsN5ySMZswS:taiWF+cNMbhd7jDJi5ySEswS

    Score
    3/10
    behavioral6

    • Target

      AppSetup_Update-Launcher/Data/es-419.pak

    • Size

      366KB

    • MD5

      13c6d0a268545541f325375d431b41ae

    • SHA1

      5f5c41348f00c5e5539d261c2b76ae6e3ec7af83

    • SHA256

      943fa8774ade38d57349a5d27869097a782bc06bd34c40864a85ba829457d127

    • SHA512

      09cbb2b21304ca8afa8b760b738adb5422e83550085f1aed8e8590eeef04a2b0e131e1ead6723c3e85383630c483d7720e55f71305ff4821d7822fe6d7aa4252

    • SSDEEP

      3072:rt+uPUzEx0HrKJBjQMU0dmdv5jrqMCOyu0sdzPh7buhwwJ3Os57lLfGLFg3WSszj:rt+o+I0H6nUxv5rYQQJH5sLFg3WSsTG6

    Score
    3/10
    behavioral7

    • Target

      AppSetup_Update-Launcher/Data/es.pak

    • Size

      367KB

    • MD5

      c8086dc25cf0a3c978b2c3b37edf8d67

    • SHA1

      7b6d2ce8b3cc5a33ab2bcd23114fe65ccc568e7a

    • SHA256

      11ef2c0229c1fe1c10be08e3d5f36c973bc3c272f37b40e05c534a118757461b

    • SHA512

      230e6999a6fea1df3b2708eb331a2c25ca53677b3453745ff9cc7fbbc013b69148af5609166720255a2db7e63b25e2d0c599fb07057a6b47bf61f63ea9db9e01

    • SSDEEP

      6144:OYkS2J1Bc2UoWCfgfr56ZLb5R7q5zrB7bUlo4AN6PZmz:OYl2XWn5r0pFRm5zreloXnz

    Score
    3/10
    behavioral8

    • Target

      AppSetup_Update-Launcher/Data/et.pak

    • Size

      330KB

    • MD5

      054865950b3b9e8312a7f9490268eaca

    • SHA1

      28b0176112eddb7af58386b4f8aed4a49b9a2661

    • SHA256

      3599e7138a24a31839da877cc9718b9c0c9522437ea93a6222a119080f108d14

    • SHA512

      bfc72f19ad1a52c0da82409accb33a27b2844ed29010207268c7d695ad7562a8867a87b70ac50142909b50b81a5c84d6f6a43968353ae7a72bc042aea8cbb59f

    • SSDEEP

      6144:GPJXg42WkHwGkDmzZpDM0djry2zuJbT/RcLvihV15Ujc43ceLfLPQu:6JuvymrDbWF15Ujf

    Score
    3/10
    behavioral9

    • Target

      AppSetup_Update-Launcher/Data/fa.pak

    • Size

      535KB

    • MD5

      c27431f2de37b9643b83e383f7eae5a8

    • SHA1

      16d068d9738e1aa9b94658299a4eac3972520864

    • SHA256

      bb28ad47e95aefaa2d8d7b6a7f449f9707cfadbcd4c21bad8bd8a6578108d2cd

    • SHA512

      4ccc46dc7756ea0e60e6d278bcac1262a54ba03742fd0eb4d9f1f962486394fa56491844871dacb4cb0501c6f594334d3f23f3db82bfdfa1f938e1ae609d6600

    • SSDEEP

      12288:aGz43DX9nuya1jfwHLwNUaGSSfStQvueKT+JwMTAKzIxRAQiHedNu3htodxWetlh:aF3luya1jfwrwNUaGSSfStQvueKT+Jw7

    Score
    3/10
    behavioral10

    • Target

      AppSetup_Update-Launcher/Data/fi.pak

    • Size

      338KB

    • MD5

      aac0554a39bb1ae91e2ed4246e04c30e

    • SHA1

      031785024765eda1534fd9504eccbe1b471ae618

    • SHA256

      df8cefa4831fc2fdf817dd6d49a6373edee4f51f23cf990c690e72ce348f69bb

    • SHA512

      a6afc9464047c75157dcb8ece086c1c5bf4dccb48d33da24e35c43110f300cfea503c4cca093f3d4bcc7a0fdcb306138da5be288ef646881b625751e40d93689

    • SSDEEP

      6144:3pR/2jxpvwhnVgQsm3aOE/8aCEELsR5w5jSH4EJ18GWU/8nZRuX1wr2:vOnvoG8a35w5+H4EJ18GWU/o2

    Score
    3/10
    behavioral11

    • Target

      AppSetup_Update-Launcher/Data/fil.pak

    • Size

      379KB

    • MD5

      f989a7215cac1e3fb4759e5fba9aef67

    • SHA1

      5ecf35f160e1f8242b3bca163673e24cf6d77403

    • SHA256

      448bc8eae353c188ffaa4c2466956598ad807f0f0aae7f12e1bc59584e1aac2d

    • SHA512

      b872beb5b1c2702f4eae616f633318b4575f573c06a3f1f0f1e1ab83585a52caf2f3c788c0c3a0d499c381fb7f06a3ea355b8686ded2ed1e392662f2746db01f

    • SSDEEP

      6144:Po2wvMrF/y/DQkaRqQHunLxenGkZ3+mo59gmPHkAxw78:ykeCBHudqo5KmF

    Score
    3/10
    behavioral12

    • Target

      AppSetup_Update-Launcher/Data/fr.pak

    • Size

      395KB

    • MD5

      13968778147dad5af68fdb7464ca517c

    • SHA1

      42abb9873c472a82d400e6896e90731b7cae06b5

    • SHA256

      7af39af49846fba6d6b8ee18b2a212f1323ebc1cff1af0053194d01d8d5433f6

    • SHA512

      c1f54ccf4f82e158173d9db8464adca64a88f8ddee23afbb51d80535b4f25f138dac16a337504ca3ff8c3dbe9aff05ecc2aaa40afe8d77bbbd4f141b07e39100

    • SSDEEP

      12288:k7L2tn6QuagV1YzhKJZsMYnYE1OxBW50xLHIWWCMcpU8wRp5a5FQusDh6dBKIJFb:GJVdMcN5B

    Score
    3/10
    behavioral13

    • Target

      AppSetup_Update-Launcher/Data/gu.pak

    • Size

      755KB

    • MD5

      7b476c423ce29e61b0b21d7b6a2a56b2

    • SHA1

      5558dcec5b2580345b0797f1f2ea41952417335a

    • SHA256

      047da4dfadcfc6bec8f4dc7d250b1757caf31a23bcfa2ea3e1f3b1cdbe9a3995

    • SHA512

      a494ab32e45cf74e2b7e0424b4e3740470c5c6cfac8f6cc980a681eb8c21cab76255391b6884134593dc7b1029ffd861f74b47130533232881c137c41ef92cac

    • SSDEEP

      3072:/h/zHr2DzDNmtZITYKMaWZu/lsMhmkTd4MUz2sQm251jvHsWnIIRfAHw/g/I/B6i:/ZDizBm/Voaz5cYh+Gyj

    Score
    3/10
    behavioral14

    • Target

      AppSetup_Update-Launcher/Data/he.pak

    • Size

      468KB

    • MD5

      f4dad4f97b5f75d6d7219d43f630c2b9

    • SHA1

      ed8c790b3b5e3faf683aa978895f266eea5b823e

    • SHA256

      6649a844f222cfcec01e75d3de3cb3658f1347ea3851d31b8124597b87e7b57d

    • SHA512

      f00e7e38ec0da1c110b4142dd13b3cae8b912c16518eeb4cfd7f19a0cef2c6601ec1e4959597066703b12b7dffb44fd918c7170231c2b42e40b0d90241b85133

    • SSDEEP

      12288:lsQOFiBr3By4L92QmYq6A560SAX4o75P5oAHM7O5p9mTfDnwPEQgo:lsbss5Bok

    Score
    3/10
    behavioral15

    • Target

      AppSetup_Update-Launcher/Data/hi.pak

    • Size

      787KB

    • MD5

      1185163466551aacae45329c93e92a91

    • SHA1

      0dcbfed274934991966ce666d6d941cfe8366323

    • SHA256

      eda355e3785313e3d982c1d3652266dce1b6e08832056fe58854b825e0712ca5

    • SHA512

      6fad3e24eb868acf78db0591c7ba77abc84e92cda28e8bffee435ea89940a8607e7628c6c5159349377a8d933f373db2dfa4e5715ca404bc3e67fd4a0f22a606

    • SSDEEP

      3072:4m//Yxz8BS65Ob5EeQzFc67R7dk5Sv34QAEm5dmLrsoe4GR3doInN8edYbOqGPt5:rYZ895O9ExFlReg5R5HQO4

    Score
    3/10
    behavioral16

    • Target

      AppSetup_Update-Launcher/Data/hr.pak

    • Size

      365KB

    • MD5

      04fdc1dac2cae614b0f566310dc83bd0

    • SHA1

      74e460e19a5e9c8b6181fa37cb9085f93bbc6233

    • SHA256

      bada5828fc0d80c842d1409b54e8da516ae737ca30d86658b3fad5c8ace4722e

    • SHA512

      a07bebd16f00b0b46059a7b80454664757687a59903bc36cb837cfb55e69bf7f683157372f74ff8355ad50c3b747c9674ee942aac95a9804c39acb3841721d24

    • SSDEEP

      3072:Rt0zZ58bkQijHuVGgYzgJ5OSFT0uPFG4rV6WI6DkYAiKbeMuVjLsGW0Yqz7pFyLI:72Z5QYuVb3P6T5D37pW

    Score
    3/10
    behavioral17

    • Target

      AppSetup_Update-Launcher/Data/hu.pak

    • Size

      395KB

    • MD5

      410d8966721ff8817eb3a57f95a4b885

    • SHA1

      f0fbe70c772bd635b0c4a927420e15b96dae05a5

    • SHA256

      688312f38488c7256370b1517b84963a3ff886b31692cc504fe169db241a43f0

    • SHA512

      d0aa167ee919589ff3b80640e8db4c6d11f9159e4a246082f0a564482789011c260f124b9a7102649d998c6a89cbff58cffab5a40e33769b990e64d6cc703378

    • SSDEEP

      6144:gvROCXS24UmV5z/fZ2GRoSYTLySam7YF3tys5gRULJatGqUnvydpECk3ICf:gvRZsV5z/+lP7+tys5vNDp

    Score
    3/10
    behavioral18

    • Target

      AppSetup_Update-Launcher/Data/id.pak

    • Size

      324KB

    • MD5

      0e82cf23475ab7328741670f4dfa3093

    • SHA1

      fd854e31f4ab212d0b3bca676420d5600d8daa83

    • SHA256

      21368245d99265e760b1b57a3169feb72e6b5099c3f1855155d147b2f788eda4

    • SHA512

      52d694afeb3e7272740192e6b4cab9acab460ae6e66912f090b049a1f431a5c17a4c3d037fc9c450b8a224ed793605e234b4d649a95289770997acd43b5dbb32

    • SSDEEP

      6144:NbXLerWB/kUEPsw0ofjDVnjHFXFmP2L6aF5NyhBvt4fSRsEaF:h7cKE/0GVnjHF1m+LlF5Nyhs

    Score
    3/10
    behavioral19

    • Target

      AppSetup_Update-Launcher/Data/it.pak

    • Size

      360KB

    • MD5

      9fbb2f5d9c70d9e46368538853929f75

    • SHA1

      45daceb422478c5a7b7b61f5ee68cc08a19f2ac3

    • SHA256

      13dd077e5e8c8b04ac0854e4466ee074df67c74cd29cc48a0c2c9f96f768fad5

    • SHA512

      77d8607ba52190258ed2e7c6e43a44bad1669294a441cc6ee9d91fa28c26c6675225e41cc309200aee01fecc1a0d369a8e4458c0095c297ed237bba50798c4dd

    • SSDEEP

      6144:dF9dctIYSrqRrhsO1FGT9TEAGw3nlXgOPwtkWgGyu8HryYm0wNB6XtS6LevpLOvy:3/lZRe8+Yx3vjw5Lsol

    Score
    3/10
    behavioral20

    • Target

      AppSetup_Update-Launcher/Data/ja.pak

    • Size

      440KB

    • MD5

      67a379c826f0eb60750bfba0b8e10468

    • SHA1

      62662d8efd773b18c99169752996b11f30a64ca3

    • SHA256

      2c5457b0fa6fe41b7b524aa726dae4dd69e7072864f73f211c731810d00b9323

    • SHA512

      38c44dd6c83362cd118543b7619811c671283618a3081f07a015f8110388d71b7767eb0a7a49c37c8e2e9e900dae6aa7f8560e5494afe6b29e01ede402e4944e

    • SSDEEP

      6144:jUZWQGehaoFbqn6S+RUpZSb2LwPH+5VgxVg:LQhJe60pZSb2kPH+5VV

    Score
    3/10
    behavioral21

    • Target

      AppSetup_Update-Launcher/Data/kn.pak

    • Size

      872KB

    • MD5

      8a3427385226ab72e8421d84225f7adf

    • SHA1

      701a85bc6bca0ed33dbe1aa3a617ce26576c7421

    • SHA256

      c315e791770cea204c7e49ef5b68fa46fe42864a33e77fa5a1d42f87ba85124f

    • SHA512

      310719fb102c1f892d354f1478bba06e856bd45da08416be970a0a76e44c7d81aaa9ddd878234b2348b625e0d18cfe7c966379115f35d51f4ee78a986c1243b0

    • SSDEEP

      6144:O+wN1jeEb7qb4GvGK25j/u7cB2jrith0vkcVwVattrmQLHMj0AWviYRpySIvSuNu:NwzSS7qdR+QygZ5gJ765mWUj+yt++FS

    Score
    3/10
    behavioral22

    • Target

      AppSetup_Update-Launcher/Data/ko.pak

    • Size

      369KB

    • MD5

      3340fd0a5e8f97f122e1d6e9a2052ca6

    • SHA1

      9c8504b78633b6d6e445723b351a08392916c7d0

    • SHA256

      3ee7d79af9ec226bebfdd9d79907f1bc97d528d2009dbd0db23d74ad655e0256

    • SHA512

      07eb8dab24ea8545cdaf38e35bc23a71a33bf87a1c0ac78ac564c103c6ae53357de2d4fd635b22995cefdc9d8e8241c66d78dd44d68a9f2f251be77c0afa7704

    • SSDEEP

      6144:DL/SK0qZvHJmb1QdTVtZqZXRZqiq7vqLZyQnP9kYvWyCt8Oh+jJAhxlw5R7X98dz:DL/SQJmJKh0noyCt8OhoJAhXw5R7X989

    Score
    3/10
    behavioral23

    • Target

      AppSetup_Update-Launcher/Data/lt.pak

    • Size

      395KB

    • MD5

      c037c0d80be2c913c20e3fe96d9cdaff

    • SHA1

      8dfd2a42fb2e0041d6ac9b90c78b3cad0283c757

    • SHA256

      e7c133a8dc438870f97112587f5f223f5fcae4f1510874b95b72cc281fa150fd

    • SHA512

      0a90dd7d39759e1e63205a827ed6611dc6e54b37c668795123de7f35c446ee41174675a0d813974dba7353c0a1cc4320049d4fd1368cdfccb9cf9afa47fcb4f5

    • SSDEEP

      6144:ExMwGiVqc4anfOfbZnaI+onSzwB74p5Ub04ua7OoMI8Z2IF6SB:lw/M/fBX+onPup5S0MMJP6SB

    Score
    3/10
    behavioral24

    • Target

      AppSetup_Update-Launcher/Data/lv.pak

    • Size

      393KB

    • MD5

      b14f9d61e064903bc73d18e40846e1ac

    • SHA1

      5a3da27335194707ffeb07add46662df1fefd76f

    • SHA256

      6e99a3ef823a651f5187c5c549a6885002a2f8523c014f989ec6d53d87e7aac7

    • SHA512

      dab97f5d75d5f60c82969ac01dfc1ffffc0ec5fbe2063c6df0535130ea1432363be1475a440b6075440f68217cd6840a63bcfea0409586d755ff8e57c029baf3

    • SSDEEP

      6144:b3p3yLG9mRNhtVFO6mM7pl44cfX7apaRZ5v4m0cxEl9AC2anpArAFTHVs1C:TpigT87P4467zZ5NEH2ms1C

    Score
    3/10
    behavioral25

    • Target

      AppSetup_Update-Launcher/Data/ml.pak

    • Size

      915KB

    • MD5

      fc33673850c17a865cae7695fd3eb5b5

    • SHA1

      72f3241ea35554c881e1849ba53b8f64b04502c1

    • SHA256

      6295eb0b0d05d26b3fdaa19ad390ba30f267b7af7a60a214db558dcdbdb436c4

    • SHA512

      6845293c0cd4ee1aa94972da1d58fd7085da5dd664d4031005200ae38fc4ab20f2c5cf44fe07ff80e003ef072f7f1cb23a452d6ce47124aa1efb3d26ae86b279

    • SSDEEP

      12288:Wq0rekvVG6W+SG7/KgLC4nMmWDcZubSAemNPHVhJ5n/7d597Y3rE:fQel6W+jHsd5n/7V03w

    Score
    3/10
    behavioral26

    • Target

      AppSetup_Update-Launcher/Data/nb.pak

    • Size

      332KB

    • MD5

      f15c568a9ed8b2ca497571453ce6bce2

    • SHA1

      957ffec56ce14f33fa75f493936552751e966d16

    • SHA256

      18512064afcc3fb5a0e1f36400e592ff34e8c6c9a7ed0bbe3432255c4759ad8c

    • SHA512

      3bd27f9612b39836e5e7654e6f07c2fd5a31f2c338db36daa51e2c1462986cf4b651d555245ee2e97acd044e44a5beffb8cc9d56c1af11f52fedf9f7fbf7da97

    • SSDEEP

      6144:I9HHvGNQkyLirVh6EQFewqOp7fyyVgLmy07E6SRw5PX4RXODcF:6npqrOEQFewqOp7fyy3ELG5PX4IDcF

    Score
    1/10
    behavioral27

    • Target

      AppSetup_Update-Launcher/Data/resources/app.asar

    • Size

      13.8MB

    • MD5

      e2b5f33ee94cfd86c4fb62b33ee55958

    • SHA1

      cec825c811cba9b6c8557760fc83e2db99c08dfe

    • SHA256

      eded44c037661ed32f5585d16a773b9dd99630f4232807a58359bfc1a4984d5e

    • SHA512

      c27641d82c084ffcd86f7fa9faa85c4bfe82683cc02ac3305828feec323f8a2ff631b8394c6b7dd64df9b903454367f373297a6ee0cb939669ffdcdfa7cb66f6

    • SSDEEP

      196608:p2y6eZtDOBjsEHdjQhG/nvTX5YV9cf/Ok:ky6eZNe9jQQ/nLmVGf/b

    Score
    1/10
    behavioral28

    • Target

      AppSetup_Update-Launcher/Data/resources/app.asar.unpacked/build/notificationstate.node

    • Size

      106KB

    • MD5

      5d79aff7bc28d3b0c78f0162efdee407

    • SHA1

      98818c05a5310325fd1f8b00537fda50a0c58d91

    • SHA256

      5051d14c3067d856c74f47994ae2ba34f5994477607b5af0ce349f1f6cf8543b

    • SHA512

      c94987d7f450a2e992b946739c9fbac2945ebdda164a4917d00c79086482a02267da433bad710a407a02f8681b33be9069b4d17bf9d32f420a8f7d4d723ef716

    • SSDEEP

      3072:2NSQ5s9mQpnh5A9gdUhvVYL16NAqQoppZS:mvsgQlh5C+UhveLH2pZS

    Score
    3/10
    behavioral29

    • Target

      AppSetup_Update-Launcher/Data/resources/app.asar.unpacked/keytar.node

    • Size

      691KB

    • MD5

      c5c99144e2e1589628e14999ba59ad73

    • SHA1

      9c80f8de6b5cdaf38677d5368b5287bacb9e465a

    • SHA256

      90e35de89ab5e5f9290e4ff1bbadcf221a82b2aa0d9b922187dc980adff3c831

    • SHA512

      0bcb99953397c6604d8e08bf2ba89248ee82f92436c2dcc779157b65227b0e1350927273a1b6d150a9db914d0a8830680df05ef651ee291b40657a3025a721c5

    • SSDEEP

      12288:cRInDhSzUpqDDa2XX05VNpk4th460iQlp1Qk5wUFPcvKKR0JQQ8jKOx8:cOnDHpqnaskrdx

    Score
    3/10
    behavioral30

    • Target

      AppSetup_Update-Launcher/Data/resources/app.asar.unpacked/native/tvdbridge.node

    • Size

      296KB

    • MD5

      e5526203a1a46494f6940c755189321a

    • SHA1

      fe8995c525a41c38ddfadcce065bd5a4f9d6a9cd

    • SHA256

      d849a98540c05e1d0e770bc7d72a5d88213430745acf7aec8ecc246e042d0aad

    • SHA512

      033fa4ba21d8086e516deddac9d25aaa4180b4c341ceb05c1ef9f86a790ebf22a4ee4eb9505da6703cd4309cee1e6be76dbdf4870f0c4d398bababde9facf899

    • SSDEEP

      6144:0MYYj6PQEzvJhuQlVvR+biOSvX3wa5zedaPqhUrYOv:uYj6PbzRhflVZ+dg395zedaPEe

    Score
    3/10
    behavioral31

    • Target

      AppSetup_Update-Launcher/Setup.exe

    • Size

      38.9MB

    • MD5

      db97787a82082bbcfd8102e8fb921fb3

    • SHA1

      fe868dfc985cae473d7c24becafffe6336559b1f

    • SHA256

      eb9b8e49c7f13e4ed0d670f40f8c4f1ee379dce9bc376b156d6c5292336f4e80

    • SHA512

      08cf1ac6c7f55ab1af412c70c4feb202106cb1e946f41da5a5c846444c467bebe26a61dc7ecbba3e83c8f2ae1cd7900a8d3997453b5ee88f60f6f66ba1a3b6ce

    • SSDEEP

      786432:AnzMyaT5GtfSEfzIOqUlgFEm/HVpXk6MnYH/CteijCEzUZG7MG5:AzMyYiqAzIPUvmHQhPYGCEzx5

    Score
    10/10
    vidarb89068e4534861e37a204b27184d8ae5discoveryspywarestealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses 2FA software files, possible credential harvesting

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral32

MITRE ATT&CK Enterprise v6

Tasks

static1

Score
3/10

behavioral1

Score
3/10

behavioral2

Score
3/10

behavioral3

Score
1/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

Score
3/10

behavioral14

Score
3/10

behavioral15

Score
3/10

behavioral16

Score
3/10

behavioral17

Score
3/10

behavioral18

Score
3/10

behavioral19

Score
3/10

behavioral20

Score
3/10

behavioral21

Score
3/10

behavioral22

Score
3/10

behavioral23

Score
3/10

behavioral24

Score
3/10

behavioral25

Score
3/10

behavioral26

Score
3/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
3/10

behavioral30

Score
3/10

behavioral31

Score
3/10

behavioral32

vidarb89068e4534861e37a204b27184d8ae5discoveryspywarestealer
Score
10/10

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.