General
- Target: 73ec08ee03702ac1c54a4a8fb21a1a0095c84d0ca87b1323715f1f089cf19b21
- Size: 2.0MB
- Sample: 240526-el3s7aec5t
- MD5: f13062fd88d7a5dc030891ccc249ea86
- SHA1: a26e5083392794a65653f045017fc3ac31b69674
- SHA256: 73ec08ee03702ac1c54a4a8fb21a1a0095c84d0ca87b1323715f1f089cf19b21
- SHA512: 3485ad8c418743c78767491f9e16073a9ddcd50f0622254b9e2c76ff45afb9676c2c6bb4a8d903c7def70df1cea8c96e54b2d669083e77ee9199ce6dbd5075a6
- SSDEEP: 49152:s4K3x1vUWJtTF+TxMoxc1TU+j+dAzGwlrh:s4Ex18WtIuoITsdZ
- Static task: static1
- Behavioral task: behavioral1
- Sample: 73ec08ee03702ac1c54a4a8fb21a1a0095c84d0ca87b1323715f1f089cf19b21.exe
- Resource: win10v2004-20240426-en
Malware Config
- Extracted: stealc
- Extracted: vidar
  - https://steamcommunity.com/profiles/76561199689717899
  - https://t.me/copterwin
  - user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
- Target: 73ec08ee03702ac1c54a4a8fb21a1a0095c84d0ca87b1323715f1f089cf19b21
- Size: 2.0MB
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext