General
Target: file
Size: 400KB
Sample: 240426-yan1faaf59
MD5: 5cab81fae61cb23017cc6c6eb6a7e433
SHA1: e7c299b308a01f140dc54496e20d87583d70a665
SHA256: 4af66ae63601052bcac5f6a91d0d5be8469dedcb7e64cedc99afee7f8b44c7ac
SHA512: b033bb715d387a0f130453822138b7943a8f93a8fca20fbc115e8a82250e16ef7e5e8511f6db54da5f915dea6c92c2b6e8b8cfabf8a0a14d46e4ebf6b9d8ecc0
SSDEEP: 12288:Xdy0t/5TvlNOThfN3TkbZdjjsYuo0C5pIs+y:x/5jl+7j4hjsY7J5Sr
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20240221-en
Malware Config
Extracted
vidar
https://steamcommunity.com/profiles/76561199677575543
https://t.me/snsb82
user_agent: Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0
Targets
Target: file
Detect Vidar Stealer
Suspicious use of SetThreadContext