General
-
Target
b8b6d94f2e3b6ae6be5205ef84ae0332.exe
-
Size
2.7MB
-
Sample
240527-qp3s5sea8x
-
MD5
b8b6d94f2e3b6ae6be5205ef84ae0332
-
SHA1
5ddf798d3d0a007a030a102e6bfc150e5a08ea83
-
SHA256
484de446e05081a326b443adf561111d8d550e0309639007eae2e4c8bdee436b
-
SHA512
968a81025278fe2598961e1376f4c144dd20979f316231093157dee7364713265675070d67c08510b574966e6178264d7e4d350c15cd5eaa7026ca3e9a2f45b3
-
SSDEEP
49152:KFzUITu6rv7vkceIsWGIgT+pFeawTkvBt:KKfYv4J0wTQB
Static task
static1
Behavioral task
behavioral1
Sample
b8b6d94f2e3b6ae6be5205ef84ae0332.exe
Resource
win7-20240508-en
Malware Config
Extracted
stealc
Extracted
vidar
https://steamcommunity.com/profiles/76561199689717899
https://t.me/copterwin
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
-
-
Target
b8b6d94f2e3b6ae6be5205ef84ae0332.exe
-
Detect Vidar Stealer
-
Downloads MZ/PE file
-
Suspicious use of SetThreadContext
-