General
- Target: cc97d9cc124796d942921430b2659bbb27772a9836ae01716ad94ae2705a3464
- Size: 2.9MB
- Sample: 240606-3v9vvsfa27
- MD5: b52e2191dc8cdfc4529a76a757354d7d
- SHA1: 143234a2ca0d732d143e28618408816bd196ff07
- SHA256: cc97d9cc124796d942921430b2659bbb27772a9836ae01716ad94ae2705a3464
- SHA512: 42273d9bf44055fcd4455c710535dd1529af7c03dc7ec7716f9fe22fc7f2c8a7e862664b4878163e114ebbfed64c169cef91620e0cabfdc1021b6dd211a94f60
- SSDEEP: 49152:rtpSxptE1AKnClMS4cdR/z4+UVi4e9Crn:r/4nE1dC6Kxx4e9Cb
- Static task: static1
- Behavioral task: behavioral1
- Sample: cc97d9cc124796d942921430b2659bbb27772a9836ae01716ad94ae2705a3464.exe
- Resource: win10v2004-20240426-en
Malware Config
- Extracted: stealc
- Extracted: vidar
  https://t.me/r8z0l
  https://steamcommunity.com/profiles/76561199698764354
- user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
- Target: cc97d9cc124796d942921430b2659bbb27772a9836ae01716ad94ae2705a3464
- Size: 2.9MB
- MD5: b52e2191dc8cdfc4529a76a757354d7d
- SHA1: 143234a2ca0d732d143e28618408816bd196ff07
- SHA256: cc97d9cc124796d942921430b2659bbb27772a9836ae01716ad94ae2705a3464
- SHA512: 42273d9bf44055fcd4455c710535dd1529af7c03dc7ec7716f9fe22fc7f2c8a7e862664b4878163e114ebbfed64c169cef91620e0cabfdc1021b6dd211a94f60
- SSDEEP: 49152:rtpSxptE1AKnClMS4cdR/z4+UVi4e9Crn:r/4nE1dC6Kxx4e9Cb
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext