General
- Target: LauncherPC_S0FT.zip
- Size: 125.1MB
- Sample: 240222-zlwebsfd83
- MD5: aab9d836e40219979272748e8b2c1021
- SHA1: 14c4d1f1d76986f3d1d1f8eccf30872393408e4c
- SHA256: 617fb3247090ea06850a68b7b287ef8f3f856859828c4009ea33bf9375575372
- SHA512: 62580aa0d7e7bc2021d21767d064deb2849adab11b1a691f52ebbb37873c5082c60003e6f2701c4dd427adb439af5a675e06f207c5c76ad116272f8b765000d5
- SSDEEP: 3145728:z8zevpmRpbeDA7d9E0+yHKgSxaLS2UbtvMYJ3p/NPaa:zbvpmRpbd7dznHKgSxx2gtvMYJ5/NPaa
- Static task: static1
- Behavioral task: behavioral1
- Sample: LauncherPC_S0FT/Set-up.exe
- Resource: win7-20240221-en
Malware Config
Extracted
vidar
http://5.182.86.94:80
https://t.me/vookihhfds
https://t.me/secgoxrp
https://steamcommunity.com/profiles/76561199568528949
- user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:110.0) Gecko/20100101 Firefox/121.0
Targets
- Target: LauncherPC_S0FT/Set-up.exe
- Size: 783.8MB
- MD5: fbe8ed195bd48fb454336c7b17e524d3
- SHA1: e11fee2e8965482450c4e6b7a44bf45492c3708d
- SHA256: 0521cd6d3cc340abfe9f340b91987d840baddf8846d61a5a7d350d1968272b83
- SHA512: fd981a653447a5023a3cae15327fc0a4737cda12dcce25e638caf9e54a387578ecb4955eefc331a58b6f9da11188bb1bacddf252c9b0ba636389226dfda01ffa
- SSDEEP: 393216:dpZbJIRQSoVL0eL0eL0eL0eL0eL0eL0eL0eL0eL0eL0eL0eL0eL0eL0eL0eL0eLq:dSiSv
- Detect Vidar Stealer
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.