General
-
Target
c7cd9c0bfb7ad72cc4270690f8bb73535357e89845749ce19233d8d7d64cd47d.exe
-
Size
370KB
-
Sample
240424-caj6laea54
-
MD5
000b0ccd732870ed3d6d23a39d698257
-
SHA1
d58d41c38af66d3d369235ffeef7e3e67c0cbf4a
-
SHA256
c7cd9c0bfb7ad72cc4270690f8bb73535357e89845749ce19233d8d7d64cd47d
-
SHA512
68258b9a2d794097779b1c76e6e3ecbab436892fcaa7972f578b04a4d87b6e5a7e856c8ca38098037e36cc28941d3b7ef7b0b954efb2f2fa18a976b94661cc3e
-
SSDEEP
6144:fnB0EVY3RLUCv4SmZKME0nEHhZYzdIE0AFMhbcJ83gX1DaaxV7z0pyRHlK46bewb:fB0EVCbmZKMERHhWImy68EWaP0pyRFKD
Static task
static1
Behavioral task
behavioral1
Sample
c7cd9c0bfb7ad72cc4270690f8bb73535357e89845749ce19233d8d7d64cd47d.exe
Resource
win7-20240221-en
Malware Config
Extracted
vidar
https://steamcommunity.com/profiles/76561199673019888
https://t.me/irfail
-
user_agent
Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0
Targets
-
Target
c7cd9c0bfb7ad72cc4270690f8bb73535357e89845749ce19233d8d7d64cd47d.exe
-
Detect Vidar Stealer
-
Detects binaries and memory artifacts referencing sandbox DLLs typically observed in sandbox evasion
-
Suspicious use of SetThreadContext
-