General
-
Target
555281f2cb5673a822bbb42166f9e514d78c623fd659cb0ab30d536444ca4134
-
Size
2.1MB
-
Sample
240522-c1l3wahf91
-
MD5
73de9bf29334ad8a2b6999315725b863
-
SHA1
cb3978f05f5e5596a2f36bd55d4e19d25abc3f0a
-
SHA256
555281f2cb5673a822bbb42166f9e514d78c623fd659cb0ab30d536444ca4134
-
SHA512
8e58064acd09c0510ee20c421d59539076d7ece11791e9575f98e8bf6c176b01b53ed9f9011ffe4e9f5c23ff69ea8df3a9af2cfbc51c7e32b830dccbc2a2dbc2
-
SSDEEP
49152:N6uDuaS9ref6IJtTF+TxMoxc1TU+j+dAzGwlrh:N6uKb9fItIuoITsdZ
Static task
static1
Behavioral task
behavioral1
Sample
555281f2cb5673a822bbb42166f9e514d78c623fd659cb0ab30d536444ca4134.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
stealc
Targets
-
-
Target
555281f2cb5673a822bbb42166f9e514d78c623fd659cb0ab30d536444ca4134
-
Size
2.1MB
-
MD5
73de9bf29334ad8a2b6999315725b863
-
SHA1
cb3978f05f5e5596a2f36bd55d4e19d25abc3f0a
-
SHA256
555281f2cb5673a822bbb42166f9e514d78c623fd659cb0ab30d536444ca4134
-
SHA512
8e58064acd09c0510ee20c421d59539076d7ece11791e9575f98e8bf6c176b01b53ed9f9011ffe4e9f5c23ff69ea8df3a9af2cfbc51c7e32b830dccbc2a2dbc2
-
SSDEEP
49152:N6uDuaS9ref6IJtTF+TxMoxc1TU+j+dAzGwlrh:N6uKb9fItIuoITsdZ
-
Detect Vidar Stealer
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-