General
Target: dc17e7583b896ace09a956f2c5c0737f0b6b42312ba2db19b94c08c1dc108114
Size: 2.4MB
Sample: 240524-qh1p7sfc4z
MD5: 024752dbf63f9e5b18076c1ab34618c5
SHA1: 774144080d005726766b4cfe612893516fd802f0
SHA256: dc17e7583b896ace09a956f2c5c0737f0b6b42312ba2db19b94c08c1dc108114
SHA512: 73cb270e3247c81e8f3400c393762009d9aed606797aa836c74b9d950f7da5a57dc277f827858112654b7b6aaafa91ecddbcedb4189b522572b420a2a821406e
SSDEEP: 49152:jxIRJF1HL+VdX68kUiJtTF+TxMoxc1TU+j+dAzGwlrh:jEJF16dX68ditIuoITsdZ
Static task: static1
Behavioral task: behavioral1
Sample: dc17e7583b896ace09a956f2c5c0737f0b6b42312ba2db19b94c08c1dc108114.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted: stealc
Extracted: vidar
https://steamcommunity.com/profiles/76561199689717899
https://t.me/copterwin
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext