General
Target: 4b0a0a1350cda6674122191fcf1882af0aac34c78e38e0b3e26c65f485c63096
Size: 1.9MB
Sample: 240527-v7vygabh21
MD5: 4ff760d287d00c87b187c653983409b7
SHA1: ed4f013dfd16f10c1e74264541fd180d41b02600
SHA256: 4b0a0a1350cda6674122191fcf1882af0aac34c78e38e0b3e26c65f485c63096
SHA512: 2edba7ee370c4ad60d238eeb60f1263477203aa59ef55d14103850c9b0cc12efdf8c097ebafa05f95581cdde89686d970baa1332527fecada9a9a1a558adc505
SSDEEP: 49152:CdKfTn6vSJtTF+TxMoxc1TU+j+dAzGwlrh:CdKfTnxtIuoITsdZ
Static task: static1
Behavioral task: behavioral1
Sample: 4b0a0a1350cda6674122191fcf1882af0aac34c78e38e0b3e26c65f485c63096.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted: stealc
Extracted: vidar
- https://steamcommunity.com/profiles/76561199689717899
- https://t.me/copterwin
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
Target: 4b0a0a1350cda6674122191fcf1882af0aac34c78e38e0b3e26c65f485c63096
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext