General
Target: 469e413d10621cd10bbd605b48d8cd536924d2551b77229c2e3ab0082822449a
Size: 2.4MB
Sample: 240606-3r5fzaeh57
MD5: 38743304a95ca78cb2564b689b7792b7
SHA1: 953d8176b650f286e69f1746297be80f81bed149
SHA256: 469e413d10621cd10bbd605b48d8cd536924d2551b77229c2e3ab0082822449a
SHA512: 795d2b954649b2c3203e41caf913c3b244f3ba950a55743e786dad942940b7e30479a5fa2dc5b04a19241834aa126acb33e30a8fe359123905dfb97974a82e30
SSDEEP: 49152:wQc81KnB/a/hNT/dxYa8aesY3Ot4N7G/:wDta/hNT/dxn0etD/
Static task: static1
Behavioral task: behavioral1
Sample: 469e413d10621cd10bbd605b48d8cd536924d2551b77229c2e3ab0082822449a.exe
Resource: win7-20240221-en
Malware Config
Extracted: stealc
Extracted: vidar
C2: https://t.me/ta904ek
C2: https://steamcommunity.com/profiles/76561199695752269
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
Target: 469e413d10621cd10bbd605b48d8cd536924d2551b77229c2e3ab0082822449a
Size: 2.4MB
MD5: 38743304a95ca78cb2564b689b7792b7
SHA1: 953d8176b650f286e69f1746297be80f81bed149
SHA256: 469e413d10621cd10bbd605b48d8cd536924d2551b77229c2e3ab0082822449a
SHA512: 795d2b954649b2c3203e41caf913c3b244f3ba950a55743e786dad942940b7e30479a5fa2dc5b04a19241834aa126acb33e30a8fe359123905dfb97974a82e30
SSDEEP: 49152:wQc81KnB/a/hNT/dxYa8aesY3Ot4N7G/:wDta/hNT/dxn0etD/
Signatures
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext