General
-
Target
5653c42b6617e7593e5f9efda27e035cc952036dfb6ef9b590a672b3a71600bf
-
Size
2.4MB
-
Sample
240606-3yy8jafa75
-
MD5
3e46906272e0d3f4190680b7719f98ba
-
SHA1
8779bd8042a80b0c8b731aa488e7cf5c1c71acba
-
SHA256
5653c42b6617e7593e5f9efda27e035cc952036dfb6ef9b590a672b3a71600bf
-
SHA512
67e1681b7ed56cc347927ce932d9a2e70f3fe9cf4e7cb3a3a17210ef1d3af31892a32dbbca8ea2e296425fd5a510f1719dc364497c0869adf77930dbcc8551fc
-
SSDEEP
49152:wQc81KnB/a/hNT/dRYa8aesY3Ot4N7G/:wDta/hNT/dRn0etD/
Static task
static1
Behavioral task
behavioral1
Sample
5653c42b6617e7593e5f9efda27e035cc952036dfb6ef9b590a672b3a71600bf.exe
Resource
win7-20240508-en
Malware Config
Extracted
stealc
Extracted
vidar
https://t.me/ta904ek
https://steamcommunity.com/profiles/76561199695752269
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
-
-
Target
5653c42b6617e7593e5f9efda27e035cc952036dfb6ef9b590a672b3a71600bf
-
Size
2.4MB
-
MD5
3e46906272e0d3f4190680b7719f98ba
-
SHA1
8779bd8042a80b0c8b731aa488e7cf5c1c71acba
-
SHA256
5653c42b6617e7593e5f9efda27e035cc952036dfb6ef9b590a672b3a71600bf
-
SHA512
67e1681b7ed56cc347927ce932d9a2e70f3fe9cf4e7cb3a3a17210ef1d3af31892a32dbbca8ea2e296425fd5a510f1719dc364497c0869adf77930dbcc8551fc
-
SSDEEP
49152:wQc81KnB/a/hNT/dRYa8aesY3Ot4N7G/:wDta/hNT/dRn0etD/
-
Detect Vidar Stealer
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-