General
Target: 5bde316bb02a4d1c0e5530093c04f48e6bb862a828f154b5ad2a19c3a032937d.zip
Size: 228KB
Sample: 240402-qxasbsca35
MD5: 42b547c37cb54d8afccf95aa815fda6d
SHA1: 4496f9828fddb86957a314818affa764aae89dfc
SHA256: 2d586a9b25ee71b05cffe997ef3d8ea53a952fb7a67d71f698e7e587b327830b
SHA512: ba881d1139ae132dfac51bd960e27162361ba58fba7c5e374b9342659411e4b433a2df998e3db7542aa81638275ec5b519d39fa9523a2ae42b0f3bb5c0711ade
SSDEEP: 6144:lZbZMk1xVKXinV4Fbkd3TQRUN8LsLa+LijjljyFcxEOlCvTgYU9YzD:lxZMkkXVklTQ28InYoFw0Ue

Static task: static1
Behavioral task: behavioral1
Sample: 5bde316bb02a4d1c0e5530093c04f48e6bb862a828f154b5ad2a19c3a032937d.exe
Resource: win7-20240221-en
Malware Config
Extracted
vidar
https://steamcommunity.com/profiles/76561199658817715
https://t.me/sa9ok
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36

Targets
Target: 5bde316bb02a4d1c0e5530093c04f48e6bb862a828f154b5ad2a19c3a032937d.exe
Size: 244KB
MD5: 2caa34244dd6726f37dbccc7fe9b59fd
SHA1: 0ec728e4614ae0f3ae5db4ed255a1a344d654659
SHA256: 5bde316bb02a4d1c0e5530093c04f48e6bb862a828f154b5ad2a19c3a032937d
SHA512: 2a471bf75e21b6637839626f25668e03fd60c7bdd2f11b838c3842999e6b615a26c6bd1bcf3ecdcdae37a6ce11a046e7590194c8fdc40aef2ab44854238669b2
SSDEEP: 3072:jp3BvL34Ph1UOpbqWvhSveoQxd0+4NB4F/8CUKnozHZHeV1HLVA8959eQAOED:Nxvz4ZxbVvhweoQL0DNBKn6H1w5AENo
Detect Vidar Stealer
Suspicious use of SetThreadContext