General
- Target: 85e5efee9dbe286dc1a846145bfc85c925c4a51559d3d1e951fe5464314ce856
- Size: 2.4MB
- Sample: 240603-fvgsradh33
- MD5: 5101374409cf1e5f70fa1ff02e6b63e1
- SHA1: 134dcce57146738dc0ad796327bd7b4cd6441684
- SHA256: 85e5efee9dbe286dc1a846145bfc85c925c4a51559d3d1e951fe5464314ce856
- SHA512: 29bd46d7cdb4eb1295d40471c035c737abc3f57fdf3785e8dc7eddcd4fd5ce5dbebaeae109bece2bebc8e03fe53f2889ec47e053cfd4ea1e8b704862a73369f3
- SSDEEP: 49152:wQc81KnB/a/hNT/dlYa8aesY3Ot4N7G/:wDta/hNT/dln0etD/
Static task: static1
Behavioral task: behavioral1
- Sample: 85e5efee9dbe286dc1a846145bfc85c925c4a51559d3d1e951fe5464314ce856.exe
- Resource: win7-20240419-en
Malware Config
Extracted: stealc
Extracted: vidar
- https://t.me/ta904ek
- https://steamcommunity.com/profiles/76561199695752269
- user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext