General
- Target: f28176161827bb4cab207556ac59f8585b2c84e155418493bbb6440020240186
- Size: 2.5MB
- Sample: 240607-lx4yysee6z
- MD5: 4ebf1d8eedf6954e2a4c5b94cbdcd3b7
- SHA1: 5d1ba01e07a1936b66d20605a7dea437f2114da7
- SHA256: f28176161827bb4cab207556ac59f8585b2c84e155418493bbb6440020240186
- SHA512: fd85e93ac093103d9279cc047d3d5dec9880ee195cf503eb1620ef09bb665f6c772bd14fe9eef6a34188c87338c14a8aaeae640d5d9dd5034d5540e1ecb8b8f1
- SSDEEP: 49152:Zcm4081qpZBUbHEmJnsEAQACR07Q3byRD8aXY658:ZcmmqvBUbHt1fAw07QLyLn
- Static task: static1
- Behavioral task: behavioral1
- Sample: f28176161827bb4cab207556ac59f8585b2c84e155418493bbb6440020240186.exe
- Resource: win10v2004-20240508-en
Malware Config
- Extracted: stealc
- Extracted: vidar
  - https://t.me/r8z0l
  - https://steamcommunity.com/profiles/76561199698764354
  - user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext