General
Target: abcfdec1fe017118be5885f4da30651b0589cdea06e953b5d3ea9f50a9f1feef
Size: 1.9MB
Sample: 240528-f2rxasfg8w
MD5: fd5424375ddf184f13635b106700dfc8
SHA1: 6b349edc0290bdb8bf2be9526a0dab0f54628b2f
SHA256: abcfdec1fe017118be5885f4da30651b0589cdea06e953b5d3ea9f50a9f1feef
SHA512: 592486276e7e09cea92b77db3455b0078783a53d0f3c24ad05d16be2d17b9181809665d0e808ee1c6aa2d70f40f2de35222e9c4b4ceb12e8c56e02e10b0ebfb9
SSDEEP: 49152:CdKfTn6viJtTF+TxMoxc1TU+j+dAzGwlrh:CdKfTnptIuoITsdZ
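The hashes and the extracted Vidar configuration above are the indicators an analyst actually pivots on. The following script is an added example, not part of the sandbox report or of any vendor tooling: it hashes a file the same four ways the report does, checks it against the report's values, pulls the hosts out of the extracted config text, and flags the user agent, which claims Firefox on macOS even though the sample runs on Windows and is therefore a useful proxy-log anomaly. The config text embedded below is copied from the report; the b"abc" input used for checking is a constructed stand-in for a real file.

```python
import hashlib
import re

# Hash values copied from the sandbox report's General section.
REPORT_HASHES = {
    "md5": "fd5424375ddf184f13635b106700dfc8",
    "sha1": "6b349edc0290bdb8bf2be9526a0dab0f54628b2f",
    "sha256": "abcfdec1fe017118be5885f4da30651b0589cdea06e953b5d3ea9f50a9f1feef",
    "sha512": "592486276e7e09cea92b77db3455b0078783a53d0f3c24ad05d16be2d17b9181809665d0e808ee1c6aa2d70f40f2de35222e9c4b4ceb12e8c56e02e10b0ebfb9",
}

# Extracted Vidar config exactly as the report lists it (URLs plus user agent).
VIDAR_CONFIG_TEXT = """\
https://steamcommunity.com/profiles/76561199689717899
https://t.me/copterwin
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
"""


def file_hashes(data: bytes) -> dict:
    """Digest an in-memory blob with every algorithm the report uses."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def hash_file(path: str, chunk: int = 1 << 20) -> dict:
    """Same digests, streamed from disk so large droppers are not read whole."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_report(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Per-algorithm True/False: does this blob match the reported sample?"""
    actual = file_hashes(data)
    return {name: actual[name] == value.lower() for name, value in expected.items()}


def extract_indicators(config_text: str) -> dict:
    """Pull URLs, their hosts and the user agent out of extracted config text."""
    urls = re.findall(r"https?://[^\s\"'<>]+", config_text)
    hosts = sorted({url.split("/")[2] for url in urls})
    ua_match = re.search(r"user_agent:\s*(.+)", config_text)
    user_agent = ua_match.group(1).strip() if ua_match else None
    return {"urls": urls, "hosts": hosts, "user_agent": user_agent}


def ua_platform(user_agent: str) -> str:
    """Platform a browser user agent claims to run on (coarse, for hunting)."""
    if "Windows" in user_agent:
        return "Windows"
    if "Macintosh" in user_agent or "Mac OS X" in user_agent:
        return "macOS"
    if "Linux" in user_agent:
        return "Linux"
    return "unknown"


def ua_mismatch(host_os: str, user_agent: str) -> bool:
    """True when the UA claims a different OS than the host that sent it."""
    claimed = ua_platform(user_agent)
    return claimed != "unknown" and claimed != host_os


if __name__ == "__main__":
    print(file_hashes(b"abc"))                     # constructed input, not the sample
    print(match_report(b"abc"))
    ind = extract_indicators(VIDAR_CONFIG_TEXT)
    print(ind["hosts"], ua_mismatch("Windows", ind["user_agent"]))
```

In a proxy or EDR hunt, pair the two hosts with the platform check: a Windows endpoint fetching steamcommunity.com or t.me with a Macintosh Firefox user agent is a much tighter signal than either host alone, since both domains are legitimate and widely visited.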
Static task: static1
Behavioral task: behavioral1
Sample: abcfdec1fe017118be5885f4da30651b0589cdea06e953b5d3ea9f50a9f1feef.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted: stealc
Extracted: vidar
  https://steamcommunity.com/profiles/76561199689717899
  https://t.me/copterwin
  user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
Target: abcfdec1fe017118be5885f4da30651b0589cdea06e953b5d3ea9f50a9f1feef
Size: 1.9MB
MD5, SHA1, SHA256, SHA512 and SSDEEP: identical to the values listed under General above.
Signatures
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext: redirects execution in another thread, typically as part of process hollowing or other code injection.
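The "Checks installed software" signature describes a behaviour (walking the subkeys of HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, including the WOW6432Node mirror) that is easy to spot once you have registry-access telemetry. The detector below is an added example, not part of the report or of any sandbox's signature set. Its input format (timestamp,pid,image,operation,path) and the log lines are constructed for the example; Sysmon does not log registry reads, so real data of this shape would come from object-access auditing or an EDR. The allowlist of installer and inventory binaries is likewise an assumption to tune per environment.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Matches any subkey directly under an Uninstall key (native or WOW6432Node view).
UNINSTALL_SUBKEY = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)", re.IGNORECASE
)

# Assumed allowlist: processes expected to enumerate installed software legitimately.
ALLOWLIST = frozenset({"msiexec.exe", "setup.exe"})

# Constructed registry-access log (not real sandbox output). Fields:
# timestamp,pid,image,operation,path
SAMPLE_LOG = r"""
2024-05-28T12:00:01,4120,C:\Users\user\AppData\Local\Temp\dropped.exe,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
2024-05-28T12:00:01,4120,C:\Users\user\AppData\Local\Temp\dropped.exe,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
2024-05-28T12:00:01,4120,C:\Users\user\AppData\Local\Temp\dropped.exe,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
2024-05-28T12:00:02,4120,C:\Users\user\AppData\Local\Temp\dropped.exe,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 128.0 (x64 en-US)
2024-05-28T12:00:02,4120,C:\Users\user\AppData\Local\Temp\dropped.exe,RegOpenKey,HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++
2024-05-28T12:00:02,4120,C:\Users\user\AppData\Local\Temp\dropped.exe,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player
2024-05-28T12:00:03,4120,C:\Users\user\AppData\Local\Temp\dropped.exe,RegQueryValue,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\DisplayName
2024-05-28T12:05:00,880,C:\Windows\System32\msiexec.exe,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1111-AAAA}
2024-05-28T12:05:00,880,C:\Windows\System32\msiexec.exe,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2222-BBBB}
2024-05-28T12:05:00,880,C:\Windows\System32\msiexec.exe,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3333-CCCC}
2024-05-28T12:05:01,880,C:\Windows\System32\msiexec.exe,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4444-DDDD}
2024-05-28T12:05:01,880,C:\Windows\System32\msiexec.exe,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5555-EEEE}
2024-05-28T12:07:00,2200,C:\Program Files\Tool\inventory.exe,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
2024-05-28T12:07:01,2200,C:\Program Files\Tool\inventory.exe,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
"""


def parse_events(log_text):
    """Yield (timestamp, pid, image, subkey) for accesses to Uninstall subkeys only."""
    events = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, pid, image, _op, path = line.split(",", 4)
        m = UNINSTALL_SUBKEY.search(path)
        if m is None:  # opening the parent key alone is not enumeration
            continue
        events.append((datetime.fromisoformat(ts), int(pid), image, m.group(1)))
    return events


def detect_software_enumeration(log_text, threshold=5, window_s=10, allowlist=ALLOWLIST):
    """Alert on a process touching >= threshold distinct Uninstall subkeys within window_s."""
    by_proc = defaultdict(list)
    for ts, pid, image, subkey in parse_events(log_text):
        by_proc[(pid, image)].append((ts, subkey))

    window = timedelta(seconds=window_s)
    alerts = []
    for (pid, image), evs in by_proc.items():
        if image.rsplit("\\", 1)[-1].lower() in allowlist:
            continue
        evs.sort()
        for i, (start, _) in enumerate(evs):
            seen = {sk for ts, sk in evs[i:] if ts - start <= window}
            if len(seen) >= threshold:
                alerts.append({"pid": pid, "image": image, "distinct_subkeys": len(seen)})
                break  # one alert per process is enough
    return alerts


if __name__ == "__main__":
    for alert in detect_software_enumeration(SAMPLE_LOG):
        print(alert)
```

The threshold and window are the two knobs: a stealer walks the whole key in well under a second, whereas a human opening Programs and Features or an installer checking for one product touches far fewer subkeys in the same interval. Counting distinct subkeys rather than raw events keeps a process that repeatedly re-reads a single entry from tripping the rule.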