General
- Target: 22296ac2af9f18ae7707c91563eae8338e6282f5f701b0f6acb1ae20875ea959
- Size: 2.0MB
- Sample: 240526-kx2cdsdg88
- MD5: 941cf391efb711e2e538ebe258c93374
- SHA1: 00a00d7115443cb7d0d3e9c8636bf9e1ba910e96
- SHA256: 22296ac2af9f18ae7707c91563eae8338e6282f5f701b0f6acb1ae20875ea959
- SHA512: 3c0d136264595b07db34db15d342946a2d34a7f87e4187c345cfdff17c94be288aea4e38ae306899158b282f60c7fce3c647c8c4efe9d6ee07c76cf0af02fb1e
- SSDEEP: 49152:s4K3x1vUqJtTF+TxMoxc1TU+j+dAzGwlrh:s4Ex18qtIuoITsdZ

Static task: static1

Behavioral task: behavioral1
- Sample: 22296ac2af9f18ae7707c91563eae8338e6282f5f701b0f6acb1ae20875ea959.exe
- Resource: win10v2004-20240508-en

Malware Config
- Extracted: stealc
- Extracted: vidar
  - https://steamcommunity.com/profiles/76561199689717899
  - https://t.me/copterwin
  - user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0

Targets
- Target: 22296ac2af9f18ae7707c91563eae8338e6282f5f701b0f6acb1ae20875ea959
- Size: 2.0MB
- MD5: 941cf391efb711e2e538ebe258c93374
- SHA1: 00a00d7115443cb7d0d3e9c8636bf9e1ba910e96
- SHA256: 22296ac2af9f18ae7707c91563eae8338e6282f5f701b0f6acb1ae20875ea959
- SHA512: 3c0d136264595b07db34db15d342946a2d34a7f87e4187c345cfdff17c94be288aea4e38ae306899158b282f60c7fce3c647c8c4efe9d6ee07c76cf0af02fb1e
- SSDEEP: 49152:s4K3x1vUqJtTF+TxMoxc1TU+j+dAzGwlrh:s4Ex18qtIuoITsdZ
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext