General
- Target: 4fecc4aa08cc23bbd6b4cddfff607e150a3cb1c51dcef1458242fb7a212e9273
- Size: 2.4MB
- Sample: 240606-3w7f5afa47
- MD5: 0a2ec887537ab68dbe4922ce5e6bb065
- SHA1: 954bd23fda72a6be3c586c48b630dcdf386e6f70
- SHA256: 4fecc4aa08cc23bbd6b4cddfff607e150a3cb1c51dcef1458242fb7a212e9273
- SHA512: c49a61360a7fdc014f33e9a3e7b288a53df5cd826591ead3d49e82e3c806c6f28828c1f05a9f937721290e28f739d8c6a80a92653a0cbd4921027ccc506b8d90
- SSDEEP: 49152:wQc81KnB/a/hNT/dxYa8aesY3Ot4N7G/:wDta/hNT/dxn0etD/
- Static task: static1
- Behavioral task: behavioral1
- Sample: 4fecc4aa08cc23bbd6b4cddfff607e150a3cb1c51dcef1458242fb7a212e9273.exe
- Resource: win7-20231129-en
Malware Config
- Extracted: stealc
- Extracted: vidar
  - https://t.me/ta904ek
  - https://steamcommunity.com/profiles/76561199695752269
  - user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
- Target: 4fecc4aa08cc23bbd6b4cddfff607e150a3cb1c51dcef1458242fb7a212e9273
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext