General
- Target: 4e57ba211728826bb1ebebb5735cc825b06bbf6689984a13b6a88b5e8e0178e2
- Size: 2.0MB
- Sample: 240526-f4y4dsge4s
- MD5: 441f2308a3fbf4a10357141a50231cc9
- SHA1: 0c38c3282a5bfcd9feee7c9a316af42307577515
- SHA256: 4e57ba211728826bb1ebebb5735cc825b06bbf6689984a13b6a88b5e8e0178e2
- SHA512: 4957ae673cc468d08158cd57f0f7e83770b42cc8837da375fdf65440bcb2b34c9d486777a61f092168738710ba8a77bf0b0b8207e2a6cd6974c9300b08711fd0
- SSDEEP: 49152:s4K3x1vUCJtTF+TxMoxc1TU+j+dAzGwlrh:s4Ex18CtIuoITsdZ
Static task: static1
Behavioral task: behavioral1
- Sample: 4e57ba211728826bb1ebebb5735cc825b06bbf6689984a13b6a88b5e8e0178e2.exe
- Resource: win10v2004-20240426-en
Malware Config
- Extracted: stealc
- Extracted: vidar
  - https://steamcommunity.com/profiles/76561199689717899
  - https://t.me/copterwin
  - user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
- Target: 4e57ba211728826bb1ebebb5735cc825b06bbf6689984a13b6a88b5e8e0178e2 (same sample as under General; its hashes are listed there)
- Size: 2.0MB
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext