General
-
Target
b9c592b9e1f1ce6649c2fe1f58c5a778fca65974003b8df0e7db90e57d3a33e2
-
Size
2.0MB
-
Sample
240523-c7y11sbc42
-
MD5
85a0a6d2685712b4cf6afc5cb10a93e7
-
SHA1
e6f8ad4d3862de7eba2f2fc4721d89ef0fba38fe
-
SHA256
b9c592b9e1f1ce6649c2fe1f58c5a778fca65974003b8df0e7db90e57d3a33e2
-
SHA512
f934b45e131db9cbdf3ae0eb3b6777b938c451e32b6f6b616604ba5098d0f881c628cc2a8723f19e30ca4d86cd20e8893fb72a823a449e41538e20f41c79d6ed
-
SSDEEP
49152:7QzHt472DaJtTF+TxMoxc1TU+j+dAzGwlrh:7QzHtMtIuoITsdZ
Static task
static1
Behavioral task
behavioral1
Sample
b9c592b9e1f1ce6649c2fe1f58c5a778fca65974003b8df0e7db90e57d3a33e2.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
stealc
Targets
-
-
Target
b9c592b9e1f1ce6649c2fe1f58c5a778fca65974003b8df0e7db90e57d3a33e2
-
Size
2.0MB
-
MD5
85a0a6d2685712b4cf6afc5cb10a93e7
-
SHA1
e6f8ad4d3862de7eba2f2fc4721d89ef0fba38fe
-
SHA256
b9c592b9e1f1ce6649c2fe1f58c5a778fca65974003b8df0e7db90e57d3a33e2
-
SHA512
f934b45e131db9cbdf3ae0eb3b6777b938c451e32b6f6b616604ba5098d0f881c628cc2a8723f19e30ca4d86cd20e8893fb72a823a449e41538e20f41c79d6ed
-
SSDEEP
49152:7QzHt472DaJtTF+TxMoxc1TU+j+dAzGwlrh:7QzHtMtIuoITsdZ
-
Detect Vidar Stealer
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-