General
Target: 1c3aaf613bc3dd19508feb217795453863c6ad704336d4f598a7b3f245498c42
Size: 413KB
Sample: 240603-frqw9adg33
MD5: 5f7324abc929cdf64e87149e4a8768eb
SHA1: 932c1e1901fb28eefd389d7abbee7b90d8f28f02
SHA256: 1c3aaf613bc3dd19508feb217795453863c6ad704336d4f598a7b3f245498c42
SHA512: 6a8ec8ae6e0f1cf07f91df82234441ada0c099e2fa80ba2edce550364848c3597659c03828793e1607fc0f12c370c5fc97b08442aec2a027274b9de5b3dd7581
SSDEEP: 12288:agOAzrgCIH1DmvQ81AEFinIMAhZDG/eIY3GIiDEO:agOIcCIVw1AoiCnO43GIIt
Static task: static1
Behavioral task: behavioral1
Sample: 1c3aaf613bc3dd19508feb217795453863c6ad704336d4f598a7b3f245498c42.exe
Resource: win7-20240221-en
Malware Config
Extracted: stealc (no configuration fields are shown for this family in the report)
Extracted: vidar
C2 dead-drop resolver: https://t.me/ta904ek
C2 dead-drop resolver: https://steamcommunity.com/profiles/76561199695752269
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
The two URLs are public Telegram and Steam profile pages that the stealer reads at run time to recover its real C2 address; they are resolvers, not the C2 server, so block or alert on the exact profile URLs rather than the bare domains. The user_agent value is the HTTP User-Agent string in the sample's configuration. Note the mismatch: a Windows executable (run here on the win7-20240221-en image) presenting itself as Firefox 128 on macOS, which makes that string a useful hunting lead on Windows hosts while it is ordinary traffic from a real Mac.
Targets
Target: 1c3aaf613bc3dd19508feb217795453863c6ad704336d4f598a7b3f245498c42
Size: 413KB
MD5: 5f7324abc929cdf64e87149e4a8768eb
SHA1: 932c1e1901fb28eefd389d7abbee7b90d8f28f02
SHA256: 1c3aaf613bc3dd19508feb217795453863c6ad704336d4f598a7b3f245498c42
SHA512: 6a8ec8ae6e0f1cf07f91df82234441ada0c099e2fa80ba2edce550364848c3597659c03828793e1607fc0f12c370c5fc97b08442aec2a027274b9de5b3dd7581
SSDEEP: 12288:agOAzrgCIH1DmvQ81AEFinIMAhZDG/eIY3GIiDEO:agOIcCIVw1AoiCnO43GIIt
- Detect Vidar Stealer
- Downloads MZ/PE file
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry (the subkeys under Software\Microsoft\Windows\CurrentVersion\Uninstall in HKLM, HKCU and the WOW6432Node view) to enumerate software on the system. Installers and inventory agents read the same key, so the distinguishing behaviour is a walk over every entry by a process that has no business doing so.
- Suspicious use of SetThreadContext: rewriting another thread's context is the usual way injected or hollowed code is handed control, so this commonly indicates process injection rather than ordinary program behaviour.
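The report's two reusable findings are the vidar network configuration (the dead-drop resolver URLs and the User-Agent string) and the Uninstall-key enumeration behind the "Checks installed software" signature. The following Python is an added example, not part of the Triage output, that turns both into hunting checks over telemetry: it scores proxy-log lines against the extracted network config, and it flags processes that walk many distinct Uninstall subkeys in an API trace. The proxy-log and API-trace layouts, the process names (sample.exe stands in for the report's sample), the allowlist and the threshold are all assumptions; the sample log lines are constructed.

```python
"""Hunting checks for the indicators in this report (added example, not
part of the Triage output).  Log layouts, process names and the
threshold are assumptions; the URLs and User-Agent come from the
extracted vidar config, the registry path from the signature list."""
import re
from collections import defaultdict

VIDAR_DEAD_DROPS = {                       # from the extracted vidar config
    "https://t.me/ta904ek",
    "https://steamcommunity.com/profiles/76561199695752269",
}
VIDAR_USER_AGENT = ("Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) "
                    "Gecko/20100101 Firefox/128.0")

# Assumed layouts.  Proxy: <time> <client> <method> <url> "<user-agent>"
PROXY_RE = re.compile(r'^(\S+) (\S+) (\S+) (\S+) "([^"]*)"$')
# API trace: pid=<n> proc=<image> api=<name> key=<registry path>
TRACE_RE = re.compile(r"^pid=(\d+) proc=(\S+) api=(\S+) key=(.+)$")
# Any Uninstall subkey, native or WOW6432Node view, HKLM or HKCU.
UNINSTALL_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)$", re.IGNORECASE)


def classify_proxy_line(line):
    """Return (severity, reason) or None.  t.me and steamcommunity.com are
    legitimate sites, so only the exact profile URLs count.  The UA is a
    real Firefox string and is weak alone; it only lifts severity when it
    accompanies a dead-drop URL."""
    m = PROXY_RE.match(line.strip())
    if not m:
        return None
    _ts, _client, _method, url, ua = m.groups()
    url_hit = url.rstrip("/") in VIDAR_DEAD_DROPS
    ua_hit = ua == VIDAR_USER_AGENT
    if url_hit and ua_hit:
        return ("high", "dead-drop URL with configured User-Agent")
    if url_hit:
        return ("medium", "dead-drop URL")
    if ua_hit:
        return ("low", "configured User-Agent only")
    return None


def find_uninstall_enumeration(trace_lines, threshold=4, allow=("msiexec.exe",)):
    """Return [(pid, image, distinct_subkeys)] for processes that touched at
    least `threshold` distinct Uninstall subkeys.  One lookup is normal; a
    walk over every entry is the inventory pass the signature describes.
    Installers and inventory agents do it legitimately, hence the allowlist."""
    subkeys, image = defaultdict(set), {}
    for line in trace_lines:
        m = TRACE_RE.match(line.strip())
        if not m:
            continue
        pid, proc, api, key = m.groups()
        hit = UNINSTALL_RE.search(key)
        if api.startswith("Reg") and hit:
            subkeys[int(pid)].add(hit.group(1).lower())
            image[int(pid)] = proc
    return sorted((pid, image[pid], len(keys)) for pid, keys in subkeys.items()
                  if image[pid].lower() not in allow and len(keys) >= threshold)


# Constructed sample telemetry; sample.exe stands in for the report's sample.
SAMPLE_PROXY_LOG = """
2024-06-03T10:02:11Z 10.0.0.12 GET https://www.example.com/ "Mozilla/5.0 (Windows NT 6.1; Win64; x64) Chrome/125.0"
2024-06-03T10:02:14Z 10.0.0.12 GET https://steamcommunity.com/profiles/76561199695752269 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0"
2024-06-03T10:02:15Z 10.0.0.12 GET https://t.me/ta904ek "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0"
2024-06-03T10:03:00Z 10.0.0.40 GET https://steamcommunity.com/ "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0"
""".strip().splitlines()

SAMPLE_API_TRACE = r"""
pid=2104 proc=sample.exe api=RegOpenKeyExW key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
pid=2104 proc=sample.exe api=RegOpenKeyExW key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 128.0 (x64 en-US)
pid=2104 proc=sample.exe api=RegQueryValueExW key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 128.0 (x64 en-US)
pid=2104 proc=sample.exe api=RegOpenKeyExW key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
pid=2104 proc=sample.exe api=RegOpenKeyExW key=HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}
pid=2104 proc=sample.exe api=RegOpenKeyExW key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
pid=2104 proc=sample.exe api=RegOpenKeyExW key=HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Discord
pid=3300 proc=explorer.exe api=RegOpenKeyExW key=HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Discord
pid=4120 proc=msiexec.exe api=RegOpenKeyExW key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
pid=4120 proc=msiexec.exe api=RegOpenKeyExW key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
pid=4120 proc=msiexec.exe api=RegOpenKeyExW key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Discord
pid=4120 proc=msiexec.exe api=RegOpenKeyExW key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player
""".strip().splitlines()

if __name__ == "__main__":
    for line in SAMPLE_PROXY_LOG:
        verdict = classify_proxy_line(line)
        if verdict:
            print(verdict, line.split()[3])
    print(find_uninstall_enumeration(SAMPLE_API_TRACE))
```

Two design points carry over to real telemetry. Matching the full profile URL rather than the domain is deliberate: blocking t.me or steamcommunity.com outright generates noise and still misses the next profile the operator registers, so the URL list should be refreshed from new configs. The registry check counts distinct subkeys per process because a single Uninstall lookup is routine; the allowlist and threshold are starting points to tune against the installers and inventory agents in your own environment, and repeated opens of the same subkey (as in the sample trace) are counted once.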