stealc | e95217e0e62d82df096a4fb8ac08b6d4d9643fe85b740b468435531d8b18d6c2 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

cryptolaemus

windows10-2004-x64

cryptolaemus

windows11-21h2-x64

Sharing

General

Target

e95217e0e62d82df096a4fb8ac08b6d4d9643fe85b740b468435531d8b18d6c2
Size

284KB
Sample

240430-mzpsgsad73
MD5

2aac7041efa0f0f858c973b7b544d158
SHA1

15ebf734381de456f817056488a2efa76eb57fcb
SHA256

e95217e0e62d82df096a4fb8ac08b6d4d9643fe85b740b468435531d8b18d6c2
SHA512

be4e18690ef64785cf66f0acae44fadd7c2ebb39ec35b7ecc1513f4fceb1950b6c2475e55cdffe844e3baad8c7fb3e06433b9c52e417ad9a4535a20ae5c2de0c
SSDEEP

3072:ZBHWeP4pSyh47tN+jUQp54Y1IbIjE9+t/YLWWy6hyr87+6vD4zi0bKhGTGfsZ2wb:zA5q7tNY4Y1IbIjQ+twKWWr+Mi0cIu

Score

10^/10

stealc vidar 45a2c60205d395ecda49074119ba58ac stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e95217e0e62d82df096a4fb8ac08b6d4d9643fe85b740b468435531d8b18d6c2.exe

Resource

win10v2004-20240419-en

stealc vidar 45a2c60205d395ecda49074119ba58ac stealer

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

e95217e0e62d82df096a4fb8ac08b6d4d9643fe85b740b468435531d8b18d6c2.exe

Resource

win11-20240419-en

stealc vidar 45a2c60205d395ecda49074119ba58ac stealer

windows11-21h2-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

stealc

rc4.plain

Extracted

Family

vidar

Version

9.3

Botnet

45a2c60205d395ecda49074119ba58ac

C2

https://steamcommunity.com/profiles/76561199680449169

https://t.me/r1g1o

Attributes

profile_id_v2
45a2c60205d395ecda49074119ba58ac
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 OPR/101.0.0.0

Targets

- Target
  
  e95217e0e62d82df096a4fb8ac08b6d4d9643fe85b740b468435531d8b18d6c2
- Size
  
  284KB
- MD5
  
  2aac7041efa0f0f858c973b7b544d158
- SHA1
  
  15ebf734381de456f817056488a2efa76eb57fcb
- SHA256
  
  e95217e0e62d82df096a4fb8ac08b6d4d9643fe85b740b468435531d8b18d6c2
- SHA512
  
  be4e18690ef64785cf66f0acae44fadd7c2ebb39ec35b7ecc1513f4fceb1950b6c2475e55cdffe844e3baad8c7fb3e06433b9c52e417ad9a4535a20ae5c2de0c
- SSDEEP
  
  3072:ZBHWeP4pSyh47tN+jUQp54Y1IbIjE9+t/YLWWy6hyr87+6vD4zi0bKhGTGfsZ2wb:zA5q7tNY4Y1IbIjQ+twKWWr+Mi0cIu
Score

10^/10

stealc vidar 45a2c60205d395ecda49074119ba58ac stealer
- Detect Vidar Stealer
  stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

stealcvidar45a2c60205d395ecda49074119ba58acstealer

behavioral2

stealcvidar45a2c60205d395ecda49074119ba58acstealer

© 2018-2025

Terms | Privacy