stealc | 0dc7dcb7aee52ecb97e675245cfa0ed41766a30a8ff4cc58f2cc93c996d0371f | Triage

Submit
Reports

Overview

overview

Static

static

1

0dc7dcb7ae...1f.exe

windows7-x64

0dc7dcb7ae...1f.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

0dc7dcb7aee52ecb97e675245cfa0ed41766a30a8ff4cc58f2cc93c996d0371f.exe
Size

803KB
Sample

240509-lz4e7seg26
MD5

9ebc26514cf9f5811a6538d1446d33da
SHA1

a428d7fa3f9e9be4977fbacd8b63b99cc494d297
SHA256

0dc7dcb7aee52ecb97e675245cfa0ed41766a30a8ff4cc58f2cc93c996d0371f
SHA512

52e65b8d9ca40b47d012c741ad52ed6b0f776b8af971cedfe891c783ea0e5cc4c67042445ee17cd0a77ae14ce6af9d4a59904100aa734a485685c4181b15a6e5
SSDEEP

24576:ZMwbdYLejumUcBZNloo5bLPWgX8aw9Cq5+uR:ZMwqjmU2IEPWi8aw4qAuR

Score

10^/10

stealc vidar stealer

Static task

static1

Behavioral task

behavioral1

Sample

0dc7dcb7aee52ecb97e675245cfa0ed41766a30a8ff4cc58f2cc93c996d0371f.exe

Resource

win7-20240221-en

stealc vidar stealer

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

0dc7dcb7aee52ecb97e675245cfa0ed41766a30a8ff4cc58f2cc93c996d0371f.exe

Resource

win10v2004-20240508-en

stealc vidar stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  0dc7dcb7aee52ecb97e675245cfa0ed41766a30a8ff4cc58f2cc93c996d0371f.exe
- Size
  
  803KB
- MD5
  
  9ebc26514cf9f5811a6538d1446d33da
- SHA1
  
  a428d7fa3f9e9be4977fbacd8b63b99cc494d297
- SHA256
  
  0dc7dcb7aee52ecb97e675245cfa0ed41766a30a8ff4cc58f2cc93c996d0371f
- SHA512
  
  52e65b8d9ca40b47d012c741ad52ed6b0f776b8af971cedfe891c783ea0e5cc4c67042445ee17cd0a77ae14ce6af9d4a59904100aa734a485685c4181b15a6e5
- SSDEEP
  
  24576:ZMwbdYLejumUcBZNloo5bLPWgX8aw9Cq5+uR:ZMwqjmU2IEPWi8aw4qAuR
Score

10^/10

stealc vidar stealer
- Detect Vidar Stealer
  stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Process Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcvidarstealer

behavioral2

stealcvidarstealer

© 2018-2025

Terms | Privacy