General

Target: f036669c864ef083df214fcc3010a470292e88324ab3822e51e51c7a2f7ae712
Size: 1.9MB
Sample: 240528-fpaggsge58
MD5: 8eb3752883d11c0616f697d641884cfa
SHA1: fae09831471bcc719d5fb608fef7776d72b7e3ae
SHA256: f036669c864ef083df214fcc3010a470292e88324ab3822e51e51c7a2f7ae712
SHA512: 2b8224c9a6a8d47d8f73db9c0568f4917e825ec762211104c6b899330fb823a818737322cb80937054f3a0189be65b3795edf731f114cf8c656a4ea68fad101c
SSDEEP: 49152:CdKfTn6vqJtTF+TxMoxc1TU+j+dAzGwlrh:CdKfTnxtIuoITsdZ
Static task: static1
Behavioral task: behavioral1
  Sample: f036669c864ef083df214fcc3010a470292e88324ab3822e51e51c7a2f7ae712.exe
  Resource: win10v2004-20240508-en
Malware Config

Extracted: stealc
Extracted: vidar
  C2 (dead-drop resolver URLs; Vidar reads its live C2 address out of the public text of these profiles rather than embedding it in the binary):
    https://steamcommunity.com/profiles/76561199689717899
    https://t.me/copterwin
  user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0

Note: the configured user_agent identifies Firefox 128 on macOS while the sample runs on Windows 10. The string by itself is a legitimate browser UA and a weak indicator; a Windows host sending it to the two URLs above is a strong one.
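The following Python script is an added example for this page, not part of the sandbox report and not code from Vidar or Stealc. It turns the Malware Config indicators into a proxy-log check: it flags requests to the two dead-drop resolver URLs (tolerating case, query strings and trailing slashes) and flags the exact configured user_agent, escalating only when the requesting host is known to run Windows, since the UA alone is a normal Firefox 128/macOS string. The log format, the HOST_OS inventory and the SAMPLE_LOG lines are constructed for the example.

```python
"""Proxy-log IOC matcher for the indicators listed in the report's Malware Config.

Added example; not part of the sandbox report and not the malware's own code.
Log format, HOST_OS inventory and SAMPLE_LOG are constructed for this example.
"""
import re
from dataclasses import dataclass
from urllib.parse import urlsplit

# Indicators copied verbatim from the report's Malware Config section.
DEAD_DROP_URLS = {
    "https://steamcommunity.com/profiles/76561199689717899",
    "https://t.me/copterwin",
}
VIDAR_UA = ("Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) "
            "Gecko/20100101 Firefox/128.0")

# Constructed asset inventory (assumption: the SOC can map client IP -> OS).
HOST_OS = {"10.0.0.12": "Windows 10", "10.0.0.40": "Windows 11", "10.0.0.77": "macOS 14"}

# Constructed log format: <timestamp> <client_ip> <method> <url> "<user-agent>"
LOG_RE = re.compile(r'^(?P<ts>\S+) (?P<ip>\S+) (?P<method>[A-Z]+) (?P<url>\S+) "(?P<ua>[^"]*)"$')

R_URL = "dead-drop resolver URL from the Vidar config"
R_UA = "exact user_agent from the Vidar config (also a legitimate Firefox 128/macOS UA)"
R_MISMATCH = "user_agent claims macOS but the client host is Windows"


@dataclass(frozen=True)
class Hit:
    ts: str
    ip: str
    url: str
    reasons: tuple

    @property
    def severity(self):
        # A URL hit or an OS/UA mismatch is actionable; the UA string alone is only a lead.
        return "high" if (R_URL in self.reasons or R_MISMATCH in self.reasons) else "low"


def normalize_url(url):
    """Lower-case scheme and host, drop query string and trailing slash, so that
    "https://T.ME/copterwin/" and "...76561199689717899?xml=1" still match the IOCs."""
    p = urlsplit(url.strip())
    return f"{p.scheme.lower()}://{(p.hostname or '').lower()}{p.path.rstrip('/')}"


NORMALIZED_IOCS = {normalize_url(u) for u in DEAD_DROP_URLS}


def check_line(line):
    """Return a Hit for a log line that matches any indicator, else None."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None  # unparseable line: skip it rather than abort the scan
    reasons = []
    if normalize_url(m["url"]) in NORMALIZED_IOCS:
        reasons.append(R_URL)
    if m["ua"] == VIDAR_UA:
        reasons.append(R_UA)
        if HOST_OS.get(m["ip"], "").lower().startswith("windows"):
            reasons.append(R_MISMATCH)
    return Hit(m["ts"], m["ip"], m["url"], tuple(reasons)) if reasons else None


def scan(lines):
    """Scan an iterable of log lines and return the Hits in log order."""
    return [hit for hit in map(check_line, lines) if hit is not None]


# Constructed sample log: one infected Windows host, one Windows host touching the
# Steam profile with a normal UA, one benign Mac with the same Firefox UA, one benign request.
SAMPLE_LOG = [
    f'2024-05-28T10:01:02Z 10.0.0.12 GET https://steamcommunity.com/profiles/76561199689717899 "{VIDAR_UA}"',
    f'2024-05-28T10:01:05Z 10.0.0.12 GET https://t.me/copterwin/ "{VIDAR_UA}"',
    '2024-05-28T10:02:00Z 10.0.0.40 GET https://steamcommunity.com/profiles/76561199689717899?xml=1 '
    '"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:126.0) Gecko/20100101 Firefox/126.0"',
    f'2024-05-28T10:03:00Z 10.0.0.77 GET https://steamcommunity.com/ "{VIDAR_UA}"',
    '2024-05-28T10:04:00Z 10.0.0.40 GET https://example.com/ "Mozilla/5.0 (Windows NT 10.0; Win64; x64)"',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(f"[{hit.severity}] {hit.ts} {hit.ip} {hit.url}")
        for reason in hit.reasons:
            print(f"    - {reason}")
```

Running the script against SAMPLE_LOG yields four hits: the two requests from 10.0.0.12 are high severity on all three grounds, the 10.0.0.40 request is high on the URL alone, and the macOS host sending the same Firefox UA to an unrelated Steam page is reported as low severity, which is the caveat the configured user_agent deserves.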
Targets

Target: f036669c864ef083df214fcc3010a470292e88324ab3822e51e51c7a2f7ae712 (size and hashes identical to the General section above)

Signatures

- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system: looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node/HKCU variants) to enumerate software on the system; stealers use this to fingerprint the victim host.
- Suspicious use of SetThreadContext: overwriting another thread's register state is how process hollowing and related injection techniques redirect a suspended thread's entry point to attacker-controlled code; outside debuggers, legitimate software rarely needs this call.