General
- Target: 8b58b14f2bce7f4640b46249cd6754d4334fd2cb5943d450d1c540c379adfe24
- Size: 2.4MB
- Sample: 240524-qnh3cafg36
- MD5: f1b762ec0868115ea8a39d6ef051d485
- SHA1: a6bcb404c0ad9076d7db06ae8c242e2f6ee87b0f
- SHA256: 8b58b14f2bce7f4640b46249cd6754d4334fd2cb5943d450d1c540c379adfe24
- SHA512: 365c6a50f743bb4962d566bad184f28eda09014578662918d2121d2ce1caa469476bd03de11251d09c3dd2f9fa9f4df5e84b1aee9c9f14622cd5ebd526eb14d4
- SSDEEP: 49152:jxIRJF1HL+VdX68kU+JtTF+TxMoxc1TU+j+dAzGwlrh:jEJF16dX68d+tIuoITsdZ
- Static task: static1
- Behavioral task: behavioral1
- Sample: 8b58b14f2bce7f4640b46249cd6754d4334fd2cb5943d450d1c540c379adfe24.exe
- Resource: win10v2004-20240508-en
Malware Config
- Extracted: stealc
- Extracted: vidar
  - https://steamcommunity.com/profiles/76561199689717899
  - https://t.me/copterwin
  - user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
- Target: 8b58b14f2bce7f4640b46249cd6754d4334fd2cb5943d450d1c540c379adfe24
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext