General
-
Target
LauncherPC_S0FT.zip
-
Size
241.2MB
-
Sample
240222-zfyx9sfd32
-
MD5
3c36c1c97de2f4b39e8c0f57c57401c0
-
SHA1
4878af704b3307e5328665cd9bfd02f386303f65
-
SHA256
0fe4d71e5a2794035fb085ff7b79b4752c6f35d46c28d2480beb0eba41016552
-
SHA512
847997ae94bdac180a393f83d3b17a87d6af509f6771ca8f04d37f8856415acde8c79bdf75a85165e856db56bed38d117209bb19bd3e6a3215a006493321cffc
-
SSDEEP
6291456:NHKZ+JueguLwfunO2W/ToM7Z5R6OPY9AZQ6C+t8b2qCRSbvpmRpbd7dznHKgSxxw:NHKZQLgEwfajW7okvRDQCQL+mb2qhmX1
Static task
static1
Behavioral task
behavioral1
Sample
LauncherPC_S0FT/Set-up.exe
Resource
win7-20240221-en
Malware Config
Extracted
vidar
http://5.182.86.94:80
https://t.me/vookihhfds
https://t.me/secgoxrp
https://steamcommunity.com/profiles/76561199568528949
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:110.0) Gecko/20100101 Firefox/121.0
Targets
-
Target
LauncherPC_S0FT/Set-up.exe
-
Size
597.9MB
-
MD5
8a30291c653f6b3c4f7c7c04df07ff49
-
SHA1
ba241086d27312c723750b79a37f339874007dba
-
SHA256
2402aa5e5f77a7e485c31c134770b9ff4be70c9038b634f745694d6cd02a01d1
-
SHA512
1f67a07fe479b35782e65d431777d201471fd6e3ac0849e673932f789d7bcde1e69b19a2e4b7a4f1047fe732648f80e9218d256068de8e0fe7f1c9a8290866c0
-
SSDEEP
393216:dpZbJIRQSoVL0eL0eL0eL0eL0eL0eL0eL0eL0eL0eL0eL0eL0eL0eL0eL0eL0eLT:dSiSG
-
Detect Vidar Stealer
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.