General

Target: 23ed823589423c58af88d704fb0d6d6835403f05ca66739c4cdab7689396a4e1
Size: 2.0MB
Sample: 240525-mjrbdade7y
MD5: fe809b75cab1ef75d5f41c8bfcbd7508
SHA1: 14f9eb3d52b8a5922fb31c84e7bac5dd747e2be7
SHA256: 23ed823589423c58af88d704fb0d6d6835403f05ca66739c4cdab7689396a4e1
SHA512: 72c94d0f4192bea5a8f8a34b0f11cbb1cb320c5a987be1ae86c8bc94bbcf41a7791299e0affa4cdaf0ca4cef4dfeb9aa1194fbf2b57c5df0bd08a65f145db8d7
SSDEEP: 49152:s4K3x1vUaJtTF+TxMoxc1TU+j+dAzGwlrh:s4Ex18atIuoITsdZ
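Before trusting any of the behaviour below, confirm that the file on your bench is the one this report describes. The following is an added example (not part of the sandbox report): the four digests are copied from the General section, the function names and command-line handling are this example's own.

```python
"""Check that a local file is the sample this report describes.

Added example, not part of the sandbox report: the digests below are copied
from the General section; everything else (function names, CLI) is this
example's own.
"""
import hashlib
import sys

ALGOS = ("md5", "sha1", "sha256", "sha512")

# Digests copied from the report. SHA256 is the identity the report is keyed on;
# MD5/SHA1 are only kept for matching against older IOC feeds.
REPORT = {
    "md5": "fe809b75cab1ef75d5f41c8bfcbd7508",
    "sha1": "14f9eb3d52b8a5922fb31c84e7bac5dd747e2be7",
    "sha256": "23ed823589423c58af88d704fb0d6d6835403f05ca66739c4cdab7689396a4e1",
    "sha512": "72c94d0f4192bea5a8f8a34b0f11cbb1cb320c5a987be1ae86c8bc94bbcf41a7791299e0affa4cdaf0ca4cef4dfeb9aa1194fbf2b57c5df0bd08a65f145db8d7",
}


def digest_stream(chunks):
    """Feed every chunk to all four hashers so the data is read only once."""
    hashers = {name: hashlib.new(name) for name in ALGOS}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data, chunk_size=1 << 20):
    """Digest an in-memory buffer (used by the self-test)."""
    return digest_stream(data[i:i + chunk_size] for i in range(0, len(data), chunk_size))


def digest_file(path, chunk_size=1 << 20):
    """Digest a file on disk without loading it whole; samples can be large."""
    def chunks():
        with open(path, "rb") as f:
            while True:
                block = f.read(chunk_size)
                if not block:
                    return
                yield block
    return digest_stream(chunks())


def mismatches(actual, expected):
    """Names of digests that differ from the report, compared case-insensitively.

    An empty list means the file is the reported sample. Checking all four rather
    than SHA256 alone catches a mis-pasted hash in a report or IOC list: a real
    mismatch flips every digest, a copy error flips only one.
    """
    return [n for n in ALGOS if n in expected and actual[n].lower() != expected[n].lower()]


if __name__ == "__main__":
    bad = mismatches(digest_file(sys.argv[1]), REPORT)
    print("sample matches report" if not bad else f"mismatch in: {', '.join(bad)}")
    sys.exit(1 if bad else 0)
```

Run it as `python check_sample.py <file>`; a non-zero exit means the file is not this sample, and the list of differing digests tells you whether the whole file differs or a single hash was copied wrongly.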
Static task: static1
Behavioral task: behavioral1
Sample: 23ed823589423c58af88d704fb0d6d6835403f05ca66739c4cdab7689396a4e1.exe
Resource: win10v2004-20240426-en (Windows 10 version 2004 sandbox image, English locale)
Malware Config

Extracted: stealc (no configuration fields shown in the report)
Extracted: vidar
C2 (dead-drop resolvers):
  https://steamcommunity.com/profiles/76561199689717899
  https://t.me/copterwin
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0

The two URLs are not the command-and-control server itself. Vidar fetches these public Steam profile and Telegram channel pages and reads the current C2 address out of the profile or channel text, so the operator can rotate infrastructure without rebuilding the sample; blocking only the two URLs above does not remove the C2 indicator, and the live C2 has to be recovered by fetching the pages (or from the sandbox's network capture). The user agent is itself a detection point: a Windows process presenting a macOS Firefox user agent is an anomaly worth alerting on at the proxy.
Targets

Target: 23ed823589423c58af88d704fb0d6d6835403f05ca66739c4cdab7689396a4e1
Size: 2.0MB
(MD5, SHA1, SHA256, SHA512 and SSDEEP for this target are identical to the values in the General section above.)
Signatures

Detect Vidar Stealer
Downloads MZ/PE file
Executes dropped EXE
Checks installed software on the system: looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate software on the system. A single lookup is normal for installers; walking many product subkeys from a freshly dropped executable is the enumeration behaviour that fires this signature.
Suspicious use of SetThreadContext: SetThreadContext rewrites the register state, including the instruction pointer, of a thread in another process. On its own it is ambiguous (debuggers use it), but together with a child process created suspended, WriteProcessMemory into that child and a final ResumeThread it is the process-hollowing sequence used to run a payload inside a legitimate-looking host process; the "Executes dropped EXE" and "Downloads MZ/PE file" hits above are the payloads that sequence is likely to be staging.
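To show how the two behavioural signatures above (Uninstall key enumeration and the SetThreadContext hollowing sequence) can be recognised from an API trace, here is an added example, not the sandbox's own signature engine. The trace format (a list of API call events with a pid, an API name and arguments), the enumeration threshold and the sample trace are this example's assumptions; the two behaviours it looks for are the ones the report names.

```python
"""Toy behavioural signature matcher for two of the report's signatures.

Added example, not the sandbox's own engine. The trace format (pid/api/args
events) and the threshold are assumptions of this example; the behaviours it
looks for are the ones the report names: enumeration of Uninstall registry
keys, and SetThreadContext inside a process-hollowing sequence.
"""
from collections import defaultdict

UNINSTALL_KEYS = (
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
)
UNINSTALL_THRESHOLD = 5   # assumed: this many distinct product subkeys reads as enumeration
REGISTRY_APIS = {"RegOpenKeyExW", "RegOpenKeyExA", "RegQueryValueExW", "RegQueryValueExA", "NtOpenKey"}
CREATE_SUSPENDED = 0x00000004  # CreateProcess creation flag


def sig_checks_installed_software(trace):
    """Pids that opened at least UNINSTALL_THRESHOLD distinct Uninstall\\<product> subkeys."""
    subkeys = defaultdict(set)
    for ev in trace:
        if ev["api"] not in REGISTRY_APIS:
            continue
        key = ev["args"].get("key", "").upper()
        if any(key.startswith(root.upper() + "\\") for root in UNINSTALL_KEYS):
            subkeys[ev["pid"]].add(key)
    return sorted(pid for pid, keys in subkeys.items() if len(keys) >= UNINSTALL_THRESHOLD)


def sig_suspicious_setthreadcontext(trace):
    """(parent, child) pairs showing the hollowing sequence on one child:
    CreateProcess(CREATE_SUSPENDED) -> WriteProcessMemory -> SetThreadContext -> ResumeThread.
    SetThreadContext alone is ambiguous (debuggers use it); the order is what makes it suspicious."""
    progress = {}  # child pid -> (parent pid, set of stages reached so far)
    hits = []
    for ev in trace:
        api, args = ev["api"], ev["args"]
        if api in ("CreateProcessW", "CreateProcessA") and args.get("creation_flags", 0) & CREATE_SUSPENDED:
            progress[args["child_pid"]] = (ev["pid"], {"suspended"})
        target = args.get("target_pid")
        if target not in progress:
            continue
        parent, stages = progress[target]
        if api == "WriteProcessMemory":
            stages.add("written")
        elif api == "SetThreadContext" and "written" in stages:
            stages.add("context_set")
        elif api == "ResumeThread" and {"written", "context_set"} <= stages:
            hits.append((parent, target))
            del progress[target]   # report each hollowed child once
    return hits


def run_signatures(trace):
    """Run every signature and return only the ones that fired."""
    results = {
        "Checks installed software on the system": sig_checks_installed_software(trace),
        "Suspicious use of SetThreadContext": sig_suspicious_setthreadcontext(trace),
    }
    return {name: hits for name, hits in results.items() if hits}


def _ev(pid, api, **args):
    return {"pid": pid, "api": api, "args": args}


# Constructed trace (not taken from the report): pid 1234 is the sample, 5678 its hollowed child.
SAMPLE_TRACE = [
    *[_ev(1234, "RegOpenKeyExW", key=UNINSTALL_KEYS[0] + f"\\Product{i}") for i in range(6)],
    _ev(1234, "CreateProcessW", child_pid=5678, creation_flags=CREATE_SUSPENDED),
    _ev(1234, "WriteProcessMemory", target_pid=5678),
    _ev(1234, "SetThreadContext", target_pid=5678),
    _ev(1234, "ResumeThread", target_pid=5678),
]

# Constructed benign trace: a single Uninstall lookup and a normally created child.
BENIGN_TRACE = [
    _ev(999, "RegOpenKeyExW", key=UNINSTALL_KEYS[0] + r"\Product0"),
    _ev(999, "CreateProcessW", child_pid=777, creation_flags=0),
    _ev(999, "ResumeThread", target_pid=777),
]

if __name__ == "__main__":
    print(run_signatures(SAMPLE_TRACE))   # both signatures fire
    print(run_signatures(BENIGN_TRACE))   # nothing fires
```

The hollowing matcher keys its state on the child pid rather than on the calling process, so a sample that hollows several children is reported once per child, and a SetThreadContext that arrives before any WriteProcessMemory (as a debugger's would) never advances the state machine.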