stealc | 67ce4c64ef21d45c21bea19ad3fd022c2629332fbb3a91f8452f7357a049c7d0 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

9ca6f73f7f...e8.exe

windows7-x64

3

9ca6f73f7f...e8.exe

windows10-2004-x64

Sharing

General

Target

67ce4c64ef21d45c21bea19ad3fd022c2629332fbb3a91f8452f7357a049c7d0
Size

290KB
Sample

240511-hrg1fseg72
MD5

ad9f7ab4360b83380d9431c32142959a
SHA1

8b4b9fd7f560bde7d50a374fdecdaf330b1a299d
SHA256

67ce4c64ef21d45c21bea19ad3fd022c2629332fbb3a91f8452f7357a049c7d0
SHA512

19737b77f892b062c5b9e13b22d53c4adb253e0b48e72d74360bed9bc72790e3e440ed9f630a459bc7c6eaf80cfec82ee8aab6f668ed1ed226dd75932be1f00c
SSDEEP

6144:dVz3Cm0evQ12Y2fLE3JFwYxYrad8e1rLQEYMkj5kLn1iVgfsRiP:ddsev632fLE3J2YQelLHY/Nqn13soP

Score

10^/10

stealc vidar 681a223bec180ebfdc48547d3d5bd784 stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9ca6f73f7f915ad1b27b1e3901c5d89ff829f9cd146812077fa1c2e295338ce8.exe

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

9ca6f73f7f915ad1b27b1e3901c5d89ff829f9cd146812077fa1c2e295338ce8.exe

Resource

win10v2004-20240508-en

stealc vidar 681a223bec180ebfdc48547d3d5bd784 stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

stealc

rc4.plain

1
2910114286690104117195131148

Extracted

Family

vidar

Version

9.6

Botnet

681a223bec180ebfdc48547d3d5bd784

C2

https://steamcommunity.com/profiles/76561199681720597

https://t.me/talmatin

Attributes

profile_id_v2
681a223bec180ebfdc48547d3d5bd784
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 OPR/101.0.0.0

Targets

- Target
  
  9ca6f73f7f915ad1b27b1e3901c5d89ff829f9cd146812077fa1c2e295338ce8.exe
- Size
  
  363KB
- MD5
  
  ea0081722a86c3016aa249262483c7ca
- SHA1
  
  c6fe97dc6211dcbd732619a11f7a525b800765e4
- SHA256
  
  9ca6f73f7f915ad1b27b1e3901c5d89ff829f9cd146812077fa1c2e295338ce8
- SHA512
  
  e03e5077b5ecd2991e87589f133c84a991853caf507476d6b385a2977789296225cce347d71fe836a03fccf71054d56e24cdc8bd4aeee6e1bb0f14e624cf3089
- SSDEEP
  
  6144:pZPllhS4qdxjPxUUsTl0+ruzXgU+t8YY6FZZFWKM+MsMk91EknZcHZmmKU:zt/SNRezujgUM8YhPFWKM+MsMaVZcHxh
Score

10^/10

stealc vidar 681a223bec180ebfdc48547d3d5bd784 stealer
- Detect Vidar Stealer
  stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

stealcvidar681a223bec180ebfdc48547d3d5bd784stealer

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.