General
- Target: fb0cac931236f546f2bb2ba6045bd5c5bac3b4ad6ad4dc4d8081ea4f7f4eff42
- Size: 2.4MB
- Sample: 240524-pkmexsbd59
- MD5: b909912bb3516e619dace30b842af9af
- SHA1: 6da059c5743af8f433d551402985b1ccd0313de1
- SHA256: fb0cac931236f546f2bb2ba6045bd5c5bac3b4ad6ad4dc4d8081ea4f7f4eff42
- SHA512: 875b076e1927956c0614ca0721158a5ba89d284d453d75119b51f10e80c72c63f52a6fee70515a0eb5991b6563e793bf8f1898ca8051c2740b3bab1d10ac7987
- SSDEEP: 49152:jxIRJF1HL+VdX68kU+JtTF+TxMoxc1TU+j+dAzGwlrh:jEJF16dX68d+tIuoITsdZ
Tasks
- Static task: static1
- Behavioral task: behavioral1
- Sample: fb0cac931236f546f2bb2ba6045bd5c5bac3b4ad6ad4dc4d8081ea4f7f4eff42.exe
- Resource: win10v2004-20240508-en

Malware Config
- Extracted: stealc
- Extracted: vidar
  - https://steamcommunity.com/profiles/76561199689717899
  - https://t.me/copterwin
  - user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
- Target: fb0cac931236f546f2bb2ba6045bd5c5bac3b4ad6ad4dc4d8081ea4f7f4eff42
- Size: 2.4MB
- MD5: b909912bb3516e619dace30b842af9af
- SHA1: 6da059c5743af8f433d551402985b1ccd0313de1
- SHA256: fb0cac931236f546f2bb2ba6045bd5c5bac3b4ad6ad4dc4d8081ea4f7f4eff42
- SHA512: 875b076e1927956c0614ca0721158a5ba89d284d453d75119b51f10e80c72c63f52a6fee70515a0eb5991b6563e793bf8f1898ca8051c2740b3bab1d10ac7987
- SSDEEP: 49152:jxIRJF1HL+VdX68kU+JtTF+TxMoxc1TU+j+dAzGwlrh:jEJF16dX68d+tIuoITsdZ

Signatures
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext