General
Target: e4fc60066af1811f56f60ce9ca1e1f6441dacea1c86f9377cf1b6aece6d1e8ff.exe
Size: 2.0MB
Sample: 240522-xbbk3acd74
MD5: e36d7e8f26d145e7ade764b81ffc8b32
SHA1: 11f97d0df9715e1a4ee9a655aa918bfddc0598d0
SHA256: e4fc60066af1811f56f60ce9ca1e1f6441dacea1c86f9377cf1b6aece6d1e8ff
SHA512: 40f5384bed8c3a353d33d7a85322ef00101f13c0ac48a7a322ba09ddda0548e1347056ba05e1ac5aaf80404861e0a71ab32f98950571526bb019cc37890dc2e5
SSDEEP: 49152:7QzHt472DcJtTF+TxMoxc1TU+j+dAzGwlrh:7QzHtytIuoITsdZ
Static task: static1
Behavioral task: behavioral1
Sample: e4fc60066af1811f56f60ce9ca1e1f6441dacea1c86f9377cf1b6aece6d1e8ff.exe
Resource: win7-20240221-en
Malware Config
Extracted
stealc
Targets
Detect Vidar Stealer
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext