General
-
Target
d5087da4ce01b2cfd26632cb214beaf5d908cc56b3e8bee32e2d314315363c4e.exe
-
Size
2.0MB
-
Sample
240522-yeyqfaeb55
-
MD5
5c9a58f872e2c8229c122a369cfbf1c2
-
SHA1
d36bdaa2bf90db2238fbc646944268c994a042a8
-
SHA256
d5087da4ce01b2cfd26632cb214beaf5d908cc56b3e8bee32e2d314315363c4e
-
SHA512
6da7ca90bd66783b709b0b6bc41fc76c93049f90b6082c556c51cc769b1bb58abe884544c72701ee3f333e1783d9f9f24e94d1cf246e8978a3ac0b9ac645b09e
-
SSDEEP
49152:7QzHt472DnJtTF+TxMoxc1TU+j+dAzGwlrh:7QzHtxtIuoITsdZ
Static task
static1
Behavioral task
behavioral1
Sample
d5087da4ce01b2cfd26632cb214beaf5d908cc56b3e8bee32e2d314315363c4e.exe
Resource
win7-20240221-en
Malware Config
Extracted
stealc
Targets
-
-
Target
d5087da4ce01b2cfd26632cb214beaf5d908cc56b3e8bee32e2d314315363c4e.exe
-
Size
2.0MB
-
MD5
5c9a58f872e2c8229c122a369cfbf1c2
-
SHA1
d36bdaa2bf90db2238fbc646944268c994a042a8
-
SHA256
d5087da4ce01b2cfd26632cb214beaf5d908cc56b3e8bee32e2d314315363c4e
-
SHA512
6da7ca90bd66783b709b0b6bc41fc76c93049f90b6082c556c51cc769b1bb58abe884544c72701ee3f333e1783d9f9f24e94d1cf246e8978a3ac0b9ac645b09e
-
SSDEEP
49152:7QzHt472DnJtTF+TxMoxc1TU+j+dAzGwlrh:7QzHtxtIuoITsdZ
-
Detect Vidar Stealer
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-