General
Target: f6abe6e1ecc782844075ec0100c656fcfd6ac201a4b7f4cec23ec8391da67c7c
Size: 2.0MB
Sample: 240525-p4xd8scf3s
MD5: 84b433f2b9047f1bcd9d51eb9d39c8f6
SHA1: d93fdd034c1f2106868a1b26a20ea1edc10e6c57
SHA256: f6abe6e1ecc782844075ec0100c656fcfd6ac201a4b7f4cec23ec8391da67c7c
SHA512: 44dc46f430a08ee88e57c261de23dead6e9f75be22e6c482b99a3af6501b56e067d62484740099634177dbdbfadd8e61b6cf388cbe44f91492a59f4289cd7bcc
SSDEEP: 49152:s4K3x1vUyJtTF+TxMoxc1TU+j+dAzGwlrh:s4Ex18ytIuoITsdZ
Static task: static1
Behavioral task: behavioral1
Sample: f6abe6e1ecc782844075ec0100c656fcfd6ac201a4b7f4cec23ec8391da67c7c.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted: stealc
Extracted: vidar
C2 URLs:
- https://steamcommunity.com/profiles/76561199689717899
- https://t.me/copterwin
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
Target: f6abe6e1ecc782844075ec0100c656fcfd6ac201a4b7f4cec23ec8391da67c7c
Signatures:
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext