General
Target: 41d105573c282c536df5b46bcdbb0433425ac026c559b24af5ead7d0f0b8013f
Size: 2.0MB
Sample: 240526-f9b6tahe47
MD5: b6e1f5329a80faa306ee6548a7fca2d7
SHA1: 03f673ba13e99a96013bd443aab792561493d4db
SHA256: 41d105573c282c536df5b46bcdbb0433425ac026c559b24af5ead7d0f0b8013f
SHA512: 67131615ee350d0859e90c154024e42f5bdc6a4081518075d39a1ceb57255320b97c94915d94c7aa61fbe441b29a2ffe3cc2b83445eb6ff53f772cc4d0834c9f
SSDEEP: 49152:s4K3x1vUuJtTF+TxMoxc1TU+j+dAzGwlrh:s4Ex18utIuoITsdZ
Static task: static1
Behavioral task: behavioral1
Sample: 41d105573c282c536df5b46bcdbb0433425ac026c559b24af5ead7d0f0b8013f.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted: stealc
Extracted: vidar
  https://steamcommunity.com/profiles/76561199689717899
  https://t.me/copterwin
  user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext