General
- Target: 7680303f52c11fd5672608e5f901bac721b936ab0db0b170e3675c3e9891845b
- Size: 2.0MB
- Sample: 240522-1vvd3aad3t
- MD5: 3ee83fa5558ace9b05ce950233d12927
- SHA1: 3067c1eec44640be65345339acef2961225f979c
- SHA256: 7680303f52c11fd5672608e5f901bac721b936ab0db0b170e3675c3e9891845b
- SHA512: caa75c5045119f84a80f44ae0b529f09b530d5ddf14b394618fef42da508fc36305d21f9ea3505fa53e9c7fa5a3dfa9b5add0c4f3ee60120689b762731291d28
- SSDEEP: 49152:7QzHt472D0JtTF+TxMoxc1TU+j+dAzGwlrh:7QzHt+tIuoITsdZ
Static task: static1

Behavioral task: behavioral1
- Sample: 7680303f52c11fd5672608e5f901bac721b936ab0db0b170e3675c3e9891845b.exe
- Resource: win10v2004-20240426-en

Malware Config
- Extracted: stealc
Targets
- Target: 7680303f52c11fd5672608e5f901bac721b936ab0db0b170e3675c3e9891845b
- Size: 2.0MB
- MD5: 3ee83fa5558ace9b05ce950233d12927
- SHA1: 3067c1eec44640be65345339acef2961225f979c
- SHA256: 7680303f52c11fd5672608e5f901bac721b936ab0db0b170e3675c3e9891845b
- SHA512: caa75c5045119f84a80f44ae0b529f09b530d5ddf14b394618fef42da508fc36305d21f9ea3505fa53e9c7fa5a3dfa9b5add0c4f3ee60120689b762731291d28
- SSDEEP: 49152:7QzHt472D0JtTF+TxMoxc1TU+j+dAzGwlrh:7QzHt+tIuoITsdZ
- Detect Vidar Stealer
- Downloads MZ/PE file
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext