General

Target: a7cc431cc8ee93723e01aa6aa44a21ce4fee0822920afcfca470c1a18494405a
Size: 2.4MB
Sample: 240607-a67wesff97
MD5: 5b0ad3fdd467aa4d95d4685a463bd1c3
SHA1: 0b6b5fc3169b7f82a1ab00e6c857e77b397dc086
SHA256: a7cc431cc8ee93723e01aa6aa44a21ce4fee0822920afcfca470c1a18494405a
SHA512: 292ed7b365d4e73504328f52d928ea64a7bb57b68d2fbb683cf688c055b5902fe9feb90fdfb3da0f0756e12556c4e12bc57c8a3646844ec2f7802260f6dd2f70
SSDEEP: 49152:wQc81KnB/a/hNT/dVYa8aesY3Ot4N7G/:wDta/hNT/dVn0etD/
Static task: static1
Behavioral task: behavioral1
Sample: a7cc431cc8ee93723e01aa6aa44a21ce4fee0822920afcfca470c1a18494405a.exe
Resource: win7-20240221-en
Malware Config

Extracted: stealc

Extracted: vidar
https://t.me/ta904ek
https://steamcommunity.com/profiles/76561199695752269
These two URLs are not the C2 itself: Vidar fetches these public Telegram and Steam profile pages and reads the current C2 address from their contents (a dead-drop resolver), so the operator can rotate the real C2 without rebuilding the sample. Block or alert on the profile URLs, but hunt for the resolved C2 as well.
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets

Target: a7cc431cc8ee93723e01aa6aa44a21ce4fee0822920afcfca470c1a18494405a
Signatures

Detect Vidar Stealer
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext
  SetThreadContext on another process's thread is the step that redirects execution after a payload has been written into a suspended process (process hollowing), which fits the dropped-EXE behaviour above.
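The "Checks installed software" signature above describes a pattern that can be checked outside the sandbox. The following Python is an added example, not the sandbox's own rule and not code from the sample: it parses constructed API-monitor style log lines and flags any process that touches more than a threshold of distinct subkeys under the Uninstall keys (HKLM native view, HKLM WOW6432Node view and HKCU). The log format, process names, registry paths and the threshold of 5 are assumptions for the example.

```python
import re
from collections import defaultdict

# Constructed API-monitor style log: "<pid> <image> <api> <registry path>".
# The format, process names and paths are assumptions for this example, not
# output from the sandbox run reported above.
SAMPLE_LOG = r"""
1188 sample.exe RegOpenKeyExW HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
1188 sample.exe RegEnumKeyExW HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
1188 sample.exe RegQueryValueExW HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName
1188 sample.exe RegQueryValueExW HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome\DisplayName
1188 sample.exe RegQueryValueExW HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 115.0 (x64 en-US)\DisplayName
1188 sample.exe RegQueryValueExW HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180181F0}\DisplayName
1188 sample.exe RegQueryValueExW HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++\DisplayName
1188 sample.exe RegQueryValueExW HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Discord\DisplayName
4012 msiexec.exe RegQueryValueExW HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180181F0}\DisplayVersion
2300 explorer.exe RegOpenKeyExW HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"""

# Matches a path under any of the three Uninstall hives and captures the
# per-application subkey name (the component right after "Uninstall\").
UNINSTALL_RE = re.compile(
    r"^(?:HKLM|HKCU|HKEY_LOCAL_MACHINE|HKEY_CURRENT_USER)\\SOFTWARE\\(?:WOW6432Node\\)?"
    r"Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)",
    re.IGNORECASE,
)


def parse_line(line):
    """Split one log line into pid, image, api and path; None if malformed."""
    parts = line.split(maxsplit=3)
    if len(parts) != 4 or not parts[0].isdigit():
        return None
    return {"pid": int(parts[0]), "image": parts[1], "api": parts[2], "path": parts[3]}


def uninstall_subkey(path):
    """Return the Uninstall subkey name a registry path refers to, or None."""
    m = UNINSTALL_RE.match(path)
    return m.group(1) if m else None


def find_software_enumerators(log_text, threshold=5):
    """Map pid -> sorted Uninstall subkeys for processes that touched at least
    `threshold` distinct subkeys. An installer reading its own entry stays
    below the threshold; a stealer walking the whole list does not."""
    touched = defaultdict(set)
    for raw in log_text.strip().splitlines():
        rec = parse_line(raw)
        if rec is None:
            continue
        sub = uninstall_subkey(rec["path"])
        if sub:
            touched[rec["pid"]].add(sub)
    return {pid: sorted(keys) for pid, keys in touched.items() if len(keys) >= threshold}


if __name__ == "__main__":
    for pid, keys in find_software_enumerators(SAMPLE_LOG).items():
        print(f"pid {pid} enumerated {len(keys)} installed applications: {keys}")
```

The threshold is what keeps this from firing on legitimate installers and update agents; tune it against your own telemetry, and pair it with the parent process and signing status of the image before acting on a hit.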