General
-
Target
Adobe.After.Effects.2024.v24.1.0.78.rar
-
Size
169.9MB
-
Sample
240331-tmym7afb56
-
MD5
9e1eeb3de612515403f1116ca3ff43fe
-
SHA1
ef3b3b0ada892169f0b482f8f95cb78d4462ef26
-
SHA256
c16fa42dd6874f4af0b195a46d93191cb22a4d4ab078aa91b6e4e1d6e7c86858
-
SHA512
c14435bdbd62bd7c16387b2c247e3c641d22b7d4d650a8ef7498d47aad1042660def9d5690f396282bc91cb538ca86a8b0b7c215eda2cea099434cfd90149542
-
SSDEEP
3145728:wFpn/31P6ZETQy6f8lONInnV5Sg9ueQ7j6vvCgfV3erzNORNC6kv:on/liQhlON4nF9dYjDg9erRp
Static task
static1
Behavioral task
behavioral1
Sample
Adobe.After.Effects.2024.v24.1.0.78.rar
Resource
win7-20240221-es
Malware Config
Extracted
vidar
https://steamcommunity.com/profiles/76561199658817715
https://t.me/sa9ok
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
Targets
-
Target
Adobe.After.Effects.2024.v24.1.0.78.rar
-
Detect Vidar Stealer
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-