General
-
Target
9bb8191ed9f93c2ea3cee489de2e640246eff6cc451641837697c59a74e0dd85
-
Size
2.1MB
-
Sample
240522-eal2asbb3z
-
MD5
626cadc9cfa73749ad5a39e67216f8f7
-
SHA1
6393a95f777519ecd4d3cd9bd81a10f55f5e4ad5
-
SHA256
9bb8191ed9f93c2ea3cee489de2e640246eff6cc451641837697c59a74e0dd85
-
SHA512
7597e2b14743118f9020ebde44ba6d7a2f0631331777746a7774cba93a3165ee69707dd73b7090721d6cc7d98a078503083be72affea59882dad4b98a73119bf
-
SSDEEP
49152:N6uDuaS9refWgJtTF+TxMoxc1TU+j+dAzGwlrh:N6uKb9LgtIuoITsdZ
Malware Config
Extracted
stealc
Targets
-
-
Target
9bb8191ed9f93c2ea3cee489de2e640246eff6cc451641837697c59a74e0dd85
-
Size
2.1MB
-
MD5
626cadc9cfa73749ad5a39e67216f8f7
-
SHA1
6393a95f777519ecd4d3cd9bd81a10f55f5e4ad5
-
SHA256
9bb8191ed9f93c2ea3cee489de2e640246eff6cc451641837697c59a74e0dd85
-
SHA512
7597e2b14743118f9020ebde44ba6d7a2f0631331777746a7774cba93a3165ee69707dd73b7090721d6cc7d98a078503083be72affea59882dad4b98a73119bf
-
SSDEEP
49152:N6uDuaS9refWgJtTF+TxMoxc1TU+j+dAzGwlrh:N6uKb9LgtIuoITsdZ
Score10/10-
Detect Vidar Stealer
-
Stealc
Stealc is an infostealer written in C++.
-
Vidar
Vidar is an infostealer based on Arkei stealer.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-