General
Target: f475183e91015042fe85c44ea580c31b97dc8e79dc9a53e25fc6f4fd8a7cbb61
Size: 1.8MB
Sample: 240603-k1yexahf9v
MD5: 5f5a1f6d9a62142e288f4eebfea2ec67
SHA1: 8db742358812a048e73e6ed17f7be8b48a1dcf6d
SHA256: f475183e91015042fe85c44ea580c31b97dc8e79dc9a53e25fc6f4fd8a7cbb61
SHA512: 3596a844d3d2d17fbd9fffbc2bb38fc23cb42d73fc10e4afba9a009902e6aedd6ed132896ad834e46bcfda9cb09640c50f1dc16078e23a057fb7b04cc9abd93b
SSDEEP: 24576:W7YfUB7F1931tbxYaOV+rEfv0xwT3zxNOt4XigDSCuptNEynEsqqfD:W75B7FDFtbxYa8aesY3Ot4N7G/

Static task: static1
Behavioral task: behavioral1
Sample: f475183e91015042fe85c44ea580c31b97dc8e79dc9a53e25fc6f4fd8a7cbb61.exe
Resource: win10v2004-20240426-en

Malware Config
Extracted: stealc
Extracted: vidar
https://t.me/ta904ek
https://steamcommunity.com/profiles/76561199695752269
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext