General
Target: 52b7235a431fe2a5230fdbf71d81f17e83903fa7aaa8b2433bc4d649c35029d7.exe
Size: 214KB
Sample: 240408-bvhmtscf5z
MD5: f4de3cf6835582c816968431566ca4fe
SHA1: ef0af247d1cc1ddfb3b54357a0c3481e10d54130
SHA256: 52b7235a431fe2a5230fdbf71d81f17e83903fa7aaa8b2433bc4d649c35029d7
SHA512: 01f53ef03059f3abd1ad62fd9442295e3261290455b00667a00dad3f4248c3e2a62c1bf708657ed810c40f8523c403379419b6568b5c2732348205c276518e83
SSDEEP: 3072:ojETl3ODx1Wr/jq2LEiyDYGv0gHy2ymX6IOr6AVAMBkL6fWVugPrX4IB1JrppUxe:oI3YijxGv9y2b6/RvWFI2Jrpg
Static task: static1
Behavioral task: behavioral1
Sample: 52b7235a431fe2a5230fdbf71d81f17e83903fa7aaa8b2433bc4d649c35029d7.exe
Resource: win7-20231129-en
Malware Config
Extracted: vidar
https://steamcommunity.com/profiles/76561199662282318
https://t.me/t8jmhl
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 OPR/108.0.0.0
Targets
Target: 52b7235a431fe2a5230fdbf71d81f17e83903fa7aaa8b2433bc4d649c35029d7.exe
Size: 214KB
MD5: f4de3cf6835582c816968431566ca4fe
SHA1: ef0af247d1cc1ddfb3b54357a0c3481e10d54130
SHA256: 52b7235a431fe2a5230fdbf71d81f17e83903fa7aaa8b2433bc4d649c35029d7
SHA512: 01f53ef03059f3abd1ad62fd9442295e3261290455b00667a00dad3f4248c3e2a62c1bf708657ed810c40f8523c403379419b6568b5c2732348205c276518e83
SSDEEP: 3072:ojETl3ODx1Wr/jq2LEiyDYGv0gHy2ymX6IOr6AVAMBkL6fWVugPrX4IB1JrppUxe:oI3YijxGv9y2b6/RvWFI2Jrpg
- Detect Vidar Stealer
- Detects Windows executables referencing non-Windows User-Agents
- Detects binaries and memory artifacts referencing sandbox DLLs typically observed in sandbox evasion
- Suspicious use of SetThreadContext