General
-
Target
1b54f5d8984264d22f0bdba041e694c9b9fcbb3a201c0d1c0e5acf5cca912825
-
Size
2.4MB
-
Sample
240601-wz9x4abf38
-
MD5
fdfd4aea40056803e22092de63cd7c57
-
SHA1
e89a8e6532b126804bc13e2d152f66e73d82e807
-
SHA256
1b54f5d8984264d22f0bdba041e694c9b9fcbb3a201c0d1c0e5acf5cca912825
-
SHA512
690ca2e6e240a5193409909614467f2c730aeca4c53bc2f64f56b84032c22a458a2761f57265bdc164776d65df14e38ff7adee076287caaeac8cd3e4e18ca56a
-
SSDEEP
49152:wQc81KnB/a/hNT/dNYa8aesY3Ot4N7G/:wDta/hNT/dNn0etD/
Static task
static1
Behavioral task
behavioral1
Sample
1b54f5d8984264d22f0bdba041e694c9b9fcbb3a201c0d1c0e5acf5cca912825.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
stealc
Extracted
vidar
https://t.me/ta904ek
https://steamcommunity.com/profiles/76561199695752269
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
-
-
Target
1b54f5d8984264d22f0bdba041e694c9b9fcbb3a201c0d1c0e5acf5cca912825
-
Size
2.4MB
-
MD5
fdfd4aea40056803e22092de63cd7c57
-
SHA1
e89a8e6532b126804bc13e2d152f66e73d82e807
-
SHA256
1b54f5d8984264d22f0bdba041e694c9b9fcbb3a201c0d1c0e5acf5cca912825
-
SHA512
690ca2e6e240a5193409909614467f2c730aeca4c53bc2f64f56b84032c22a458a2761f57265bdc164776d65df14e38ff7adee076287caaeac8cd3e4e18ca56a
-
SSDEEP
49152:wQc81KnB/a/hNT/dNYa8aesY3Ot4N7G/:wDta/hNT/dNn0etD/
-
Detect Vidar Stealer
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-