Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    81b99b9284a572aec523b1d66d368f80eeb4aad2a636e3aa2f81fe95f4c3cfad

  • Size

    2.0MB

  • Sample

    240522-zq7m6agc7z

  • MD5

    a3626afcaecb612c45c86151be8f1b11

  • SHA1

    464e3a4f25fd4f9c624448badddc39225261794a

  • SHA256

    81b99b9284a572aec523b1d66d368f80eeb4aad2a636e3aa2f81fe95f4c3cfad

  • SHA512

    9ce7384c1fecf0da00f03a16fbbab6624c92097d5fa5059c2caa69676c519e1873c54e568e89de1d11c4707dbe36dcb3adbbfcf49522f1132fc09481d53e2a63

  • SSDEEP

    49152:7QzHt472D7JtTF+TxMoxc1TU+j+dAzGwlrh:7QzHtdtIuoITsdZ

Score
10/10
stealcvidardiscoveryspywarestealer

Malware Config

Extracted

Family

stealc

rc4.plain

Targets

    • Target

      81b99b9284a572aec523b1d66d368f80eeb4aad2a636e3aa2f81fe95f4c3cfad

    • Size

      2.0MB

    • MD5

      a3626afcaecb612c45c86151be8f1b11

    • SHA1

      464e3a4f25fd4f9c624448badddc39225261794a

    • SHA256

      81b99b9284a572aec523b1d66d368f80eeb4aad2a636e3aa2f81fe95f4c3cfad

    • SHA512

      9ce7384c1fecf0da00f03a16fbbab6624c92097d5fa5059c2caa69676c519e1873c54e568e89de1d11c4707dbe36dcb3adbbfcf49522f1132fc09481d53e2a63

    • SSDEEP

      49152:7QzHt472D7JtTF+TxMoxc1TU+j+dAzGwlrh:7QzHtdtIuoITsdZ

    Score
    10/10
    stealcvidardiscoveryspywarestealer

    • Detect Vidar Stealer

      stealer

    • Stealc

      Stealc is an infostealer written in C++.

      stealerstealc

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks