General
- Target: 976354b1243ffe869c3287ed8c53583698c47f0d416415d30f4f7da5f5850477
- Size: 2.0MB
- Sample: 240526-l75m8sfd55
- MD5: c83362c925fc54cfff05527b2ad83895
- SHA1: 7f257ae61d0a6d5e79500789780a2bca87796d55
- SHA256: 976354b1243ffe869c3287ed8c53583698c47f0d416415d30f4f7da5f5850477
- SHA512: 8effc1f3b5da568349393427a0464c75a8a39fd44d5c26ea46c42e7ee6c1e8b01184a39e587301a6e5e0619595c6e4dd5db784552c55a718e6178051e51fce18
- SSDEEP: 49152:OePpQE1JtTF+TxMoxc1TU+j+dAzGwlrh:OePpQE1tIuoITsdZ
Static task: static1
Behavioral task: behavioral1
Sample: 976354b1243ffe869c3287ed8c53583698c47f0d416415d30f4f7da5f5850477.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted: stealc
Extracted: vidar
  https://steamcommunity.com/profiles/76561199689717899
  https://t.me/copterwin
  user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext