General
- Target: 0cd6eba7b6dbeefd4572be0ae903518e95b306fd087ffd6077b7ed316d074af8
- Size: 2.6MB
- Sample: 240528-temwqacb74
- MD5: 61228de41df39ca9790f61e26d645e46
- SHA1: eb010f8b6d3ba0456b2285f8cde62aaf7f8debfc
- SHA256: 0cd6eba7b6dbeefd4572be0ae903518e95b306fd087ffd6077b7ed316d074af8
- SHA512: cfcfc021264f47fbbbed7a2d02cb06e39c89b9c641e7de658ed43556529aa52fa3b4c9b91fef4b201764e02c334bdbed97f2c8a46dd88f014b337a89aaa0a25e
- SSDEEP: 49152:XQzIzMiqCNwzJtTF+TxMoxc1TU+j+dAzGwlrh:XY598GtIuoITsdZ
Static task: static1
Behavioral task: behavioral1
- Sample: 0cd6eba7b6dbeefd4572be0ae903518e95b306fd087ffd6077b7ed316d074af8.exe
- Resource: win10v2004-20240508-en
Malware Config
- Extracted: stealc
- Extracted: vidar
  https://steamcommunity.com/profiles/76561199689717899
  https://t.me/copterwin
- user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
- Target: 0cd6eba7b6dbeefd4572be0ae903518e95b306fd087ffd6077b7ed316d074af8
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext