General
Target: ea26835b8efbb3c29604335aed30535a4d521d633e8d5d29d03f57da66fd5416
Size: 2.5MB
Sample: 240607-pcwzdsgg83
MD5: a917c6e737802ab4e05e231819ef32ad
SHA1: 68521ded543fdea11120537d44aa1172a76650fd
SHA256: ea26835b8efbb3c29604335aed30535a4d521d633e8d5d29d03f57da66fd5416
SHA512: a7a4e166d5ace37d1328bb70a004b11b13f6201ef7b72d4fa22369ecfc087ed9c48c05648c11bf8b7559d37513e4d16373b3ca0c6c3ab1ec078e21d80b1960de
SSDEEP: 49152:Zcm4081qpZBUbHEmJ5sEAQACR07Q3byRD8aXY658:ZcmmqvBUbHt/fAw07QLyLn
Static task: static1
Behavioral task: behavioral1
Sample: ea26835b8efbb3c29604335aed30535a4d521d633e8d5d29d03f57da66fd5416.exe
Resource: win10v2004-20240426-en
Malware Config
Extracted
stealc
Extracted
vidar
https://t.me/r8z0l
https://steamcommunity.com/profiles/76561199698764354
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
Target
ea26835b8efbb3c29604335aed30535a4d521d633e8d5d29d03f57da66fd5416
Detect Vidar Stealer
Downloads MZ/PE file
Executes dropped EXE
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext