General
Target: f069deb8d177c4da3041919998ee3783d621937823f6b613d9ab6f47869b1628
Size: 2.0MB
Sample: 240527-dvr8daed3y
MD5: 5ac2b70f295feaa9818ed7d0f6cdca83
SHA1: 7f09e018351b0f5070114193365136432237abc5
SHA256: f069deb8d177c4da3041919998ee3783d621937823f6b613d9ab6f47869b1628
SHA512: d3e2e565b72d637d99f1276eeb7c1b02c82f6f3b2bfd7a71076c31dd5c817d08656c53113967c3b48d41a525213634080d1e79236cbddcaef9dc6225c7dc5a9d
SSDEEP: 49152:OePpQEVJtTF+TxMoxc1TU+j+dAzGwlrh:OePpQEVtIuoITsdZ
Static task: static1
Behavioral task: behavioral1
Sample: f069deb8d177c4da3041919998ee3783d621937823f6b613d9ab6f47869b1628.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted: stealc
Extracted: vidar
- https://steamcommunity.com/profiles/76561199689717899
- https://t.me/copterwin
- user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
Target: f069deb8d177c4da3041919998ee3783d621937823f6b613d9ab6f47869b1628
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext