General

  • Target

    46514a81626d3c58a48f0bdd17c9bdb2352004ae4ab79af1ca50ff285bcb68cb

  • Size

    9.9MB

  • Sample

    240606-3mkk1aeg88

  • MD5

    711e1fcfc587eee41a187abd9091bfea

  • SHA1

    cb1e234580935af2f597d9e667f8d2599368abe3

  • SHA256

    46514a81626d3c58a48f0bdd17c9bdb2352004ae4ab79af1ca50ff285bcb68cb

  • SHA512

    bb0f540acf5e0e9f5044e3c2868f8aec88199ae5e9007a6df2a904a60b33079cd4d94e66ff195b898c6fe0d91075fb77a789a5e64769b6b4cba81232dc91fdb5

  • SSDEEP

    196608:tYohctfEFaaf+vApItM1rf/c3y+OykakmBaREv12zsE1EyamEVgwNzYtdeu8T:tYictfEFv+vHC1b/cXcyGE92h1om3oYS

Malware Config

Targets

    • Detect Vidar Stealer

    • Stealc

      Stealc is an infostealer written in C++.

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other stored data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks