General
-
Target
6e14a123950c53606e15efa04863e78390be0e926f1a2b356f02cd47aa9b3625
-
Size
2.0MB
-
Sample
240523-bx4cbagf9w
-
MD5
c261e78eee777d2ac7be4dadfa55336d
-
SHA1
11386f6f5d08fd473a4db6be75e7c2ba2ed2ef6d
-
SHA256
6e14a123950c53606e15efa04863e78390be0e926f1a2b356f02cd47aa9b3625
-
SHA512
018d73723c77ee24be4fc56cab4db7df73671d106da8db05ba2b5a7bc1c133e7aedecc6ca47d0645061815dc54e2a78982cb7a134180e1ad4846ec672a21580a
-
SSDEEP
49152:IFno/jfAJtTF+TxMoxc1TU+j+dAzGkiT:IFno/jYtIuoITsdZT
Static task
static1
Behavioral task
behavioral1
Sample
6e14a123950c53606e15efa04863e78390be0e926f1a2b356f02cd47aa9b3625.exe
Resource
win7-20240220-en
Malware Config
Extracted
stealc
Targets
-
-
Target
6e14a123950c53606e15efa04863e78390be0e926f1a2b356f02cd47aa9b3625
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext