General
Target: 691b46c7437376eb222b6223d1509e58dae34ca40b6e02db37e9690ea97d1431.zip
Size: 2.7MB
Sample: 240402-qgnz1sba21
MD5: e2914dcfba9b61735393b999a138e241
SHA1: cb46bcee42cba2217be72b5c7b9d722b262ba5ea
SHA256: 8e0de9176de54fa7e92f018bfcd726efdc2cd0341016127f14b37056cf49296b
SHA512: 336faace772b1ef86b5fa26282ec6c0a69a2b22d6b06201f3f18007c9f149297bcaee05673ccdf117648ab9bc3080c857948b324674f9ffd3439526487c820be
SSDEEP: 49152:CDSKGjzrb4C40q9PNo43BlbcbfD/s/OUAZDVzKq4TuXZCtg4rgHJROuqaNqNmxL4:CDSKGjn8J0AXWkOUAZDV+qkuMaQNmxL4
Static task: static1

Behavioral task: behavioral1
Sample: 691b46c7437376eb222b6223d1509e58dae34ca40b6e02db37e9690ea97d1431.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 691b46c7437376eb222b6223d1509e58dae34ca40b6e02db37e9690ea97d1431.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
vidar
8.6
22d12fb91f01647fe2107fec81f0cc22
https://steamcommunity.com/profiles/76561199658817715
https://t.me/sa9ok
profile_id_v2: 22d12fb91f01647fe2107fec81f0cc22
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
Targets
Target: 691b46c7437376eb222b6223d1509e58dae34ca40b6e02db37e9690ea97d1431.exe
Size: 4.9MB
MD5: 9efa9907423cc7a421c7008bd8a0bf0d
SHA1: d147885ce6f126c41ca47dbdbb48a4bcabc5dfb3
SHA256: 691b46c7437376eb222b6223d1509e58dae34ca40b6e02db37e9690ea97d1431
SHA512: 894a3e2090c2b3298bb08eab81832dd76bdb9d4c0b59642477666d97d088d3da38ec0a7605332bda7ddb432eb775fd7853d51d6436ce647b5a89d4bed8ac59a1
SSDEEP: 49152:OmhxjW6ncW+4Zb15jx2QZ88rPKsm+9BnHrkBnqFoniEqtVwSoiG9/u8T2XXNwiv7:OmhxjW6ncWFZbd7Hrk5HnlmAX2Xdwi
Score: 10/10

Signatures
Detect Vidar Stealer
Loads dropped DLL
Suspicious use of SetThreadContext