General
-
Target
688be43c5df4f384feb809364feaf42a64988128bf8e873c3f7a3e31ab23d85a
-
Size
2.0MB
-
Sample
240522-zg6z9sga25
-
MD5
d360ab70d33011e92130c42526f09a87
-
SHA1
3336a3fb67eaecc85734cfed1ad18fae79f6409d
-
SHA256
688be43c5df4f384feb809364feaf42a64988128bf8e873c3f7a3e31ab23d85a
-
SHA512
9632ccacc5c85983fe57f72c766fcc39decf99601c6e8c51b05c78ba76bd5a8f57a6e9a3bab8272138edef7b0f094317c398b79cb20cac1be377bc54863b2c77
-
SSDEEP
49152:7QzHt472DAJtTF+TxMoxc1TU+j+dAzGwlrh:7QzHt6tIuoITsdZ
Static task
static1
Behavioral task
behavioral1
Sample
688be43c5df4f384feb809364feaf42a64988128bf8e873c3f7a3e31ab23d85a.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
stealc
Targets
-
-
Target
688be43c5df4f384feb809364feaf42a64988128bf8e873c3f7a3e31ab23d85a
-
Detect Vidar Stealer
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-