General
-
Target
b6337147a87cdfa87a5ef7cd4783aa5d5bfe08ca30781b948b5e04b958b48b46
-
Size
2.0MB
-
Sample
240526-vt8meadg61
-
MD5
eee053948b38ddfd0acb2fdf80838388
-
SHA1
4fa871894c700371235f667dfdb0eb9d1ea24938
-
SHA256
b6337147a87cdfa87a5ef7cd4783aa5d5bfe08ca30781b948b5e04b958b48b46
-
SHA512
3381d0875962516f8636791f73b334c9c98a63131849059b2e3ac25df4d166611f0edc6863b68ccc92f1270702126363441552bf9daf5787c12b971e8b108f98
-
SSDEEP
49152:OePpQEFJtTF+TxMoxc1TU+j+dAzGwlrh:OePpQEFtIuoITsdZ
Static task
static1
Behavioral task
behavioral1
Sample
b6337147a87cdfa87a5ef7cd4783aa5d5bfe08ca30781b948b5e04b958b48b46.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
stealc
Extracted
vidar
https://steamcommunity.com/profiles/76561199689717899
https://t.me/copterwin
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
-
-
Target
b6337147a87cdfa87a5ef7cd4783aa5d5bfe08ca30781b948b5e04b958b48b46
-
Size
2.0MB
-
MD5
eee053948b38ddfd0acb2fdf80838388
-
SHA1
4fa871894c700371235f667dfdb0eb9d1ea24938
-
SHA256
b6337147a87cdfa87a5ef7cd4783aa5d5bfe08ca30781b948b5e04b958b48b46
-
SHA512
3381d0875962516f8636791f73b334c9c98a63131849059b2e3ac25df4d166611f0edc6863b68ccc92f1270702126363441552bf9daf5787c12b971e8b108f98
-
SSDEEP
49152:OePpQEFJtTF+TxMoxc1TU+j+dAzGwlrh:OePpQEFtIuoITsdZ
-
Detect Vidar Stealer
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-