General
-
Target
1940797bbf48e2b4061f3d3b0809c6e6a5f66b35653c6384cca212eedf873541
-
Size
5.5MB
-
Sample
240330-tepqbahc7z
-
MD5
e0dfc852c37571b8468b2d17f573a12f
-
SHA1
38ec845f203450b7d6a51e9a441ab609b5ff1100
-
SHA256
1940797bbf48e2b4061f3d3b0809c6e6a5f66b35653c6384cca212eedf873541
-
SHA512
783c27474e39e99a4ab153f6d42f2b9808df2ebcd3b4299c0067ed9e21d635ba92505d21b96ccf512ca406a36ae9770ffce85e36842a9dac7a4ae87becdf35af
-
SSDEEP
98304:Uuc009atEN5lsTu7vAcJnIQEUmM1nGGqJe2OUxulDhTCGiYbFr54L6Bid09VGg5Q:Uuc39a45lr7vR9nEi1nGGqQMuLWnOoLH
Static task
static1
Behavioral task
behavioral1
Sample
1940797bbf48e2b4061f3d3b0809c6e6a5f66b35653c6384cca212eedf873541.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral2
Sample
1940797bbf48e2b4061f3d3b0809c6e6a5f66b35653c6384cca212eedf873541.exe
Resource
win11-20240221-en
Malware Config
Targets
Target
1940797bbf48e2b4061f3d3b0809c6e6a5f66b35653c6384cca212eedf873541
Score
10/10
-
Detect Vidar Stealer
-
Creates new service(s)
-
Drops file in Drivers directory
-
Stops running service(s)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-