Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    33ab7b9e7719eb9554efe1a5b163c168cd11fc57587710a12737d95a25c1af44

  • Size

    2.0MB

  • Sample

    240522-w1kdtsbh54

  • MD5

    8eb51c2790222337692425c65882269b

  • SHA1

    b405d8517fbb8e62c9e096663a9807c843404faf

  • SHA256

    33ab7b9e7719eb9554efe1a5b163c168cd11fc57587710a12737d95a25c1af44

  • SHA512

    076e5089c6a649e3448e8af6282ba51289e97a387487a64fd90ee317189546240027b2f341b1a9170c68b75bb99639b84fded22321852a36a2ad7e4887c28b37

  • SSDEEP

    49152:7QzHt472DpJtTF+TxMoxc1TU+j+dAzGwlrh:7QzHt/tIuoITsdZ

Score
10/10
stealcvidardiscoveryspywarestealer

Malware Config

Extracted

Family

stealc

rc4.plain

Targets

    • Target

      33ab7b9e7719eb9554efe1a5b163c168cd11fc57587710a12737d95a25c1af44

    • Size

      2.0MB

    • MD5

      8eb51c2790222337692425c65882269b

    • SHA1

      b405d8517fbb8e62c9e096663a9807c843404faf

    • SHA256

      33ab7b9e7719eb9554efe1a5b163c168cd11fc57587710a12737d95a25c1af44

    • SHA512

      076e5089c6a649e3448e8af6282ba51289e97a387487a64fd90ee317189546240027b2f341b1a9170c68b75bb99639b84fded22321852a36a2ad7e4887c28b37

    • SSDEEP

      49152:7QzHt472DpJtTF+TxMoxc1TU+j+dAzGwlrh:7QzHt/tIuoITsdZ

    Score
    10/10
    stealcvidardiscoveryspywarestealer

    • Detect Vidar Stealer

      stealer

    • Stealc

      Stealc is an infostealer written in C++.

      stealerstealc

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks