General
-
Target
afa71166b1b9191bf7bf1ed1893e12716ebceb12b1f6e9e6ca4fa863b7721aac
-
Size
2.5MB
-
Sample
240607-qh6apagf5v
-
MD5
b018704010cd319a3ecbdd5466598775
-
SHA1
ddf559e8a81e1a790fb26378772594387a4373b0
-
SHA256
afa71166b1b9191bf7bf1ed1893e12716ebceb12b1f6e9e6ca4fa863b7721aac
-
SHA512
6027e1e53639a5c4f48906795e216c249d07c908538cbdeb1656d38efc6696ddb9ae1c29f0984359124a647474252a4f9b633962a15c4697ae7dc0760cb0c307
-
SSDEEP
49152:Zcm4081qpZBUbHEmJasEAQACR07Q3byRD8aXY658:ZcmmqvBUbHt4fAw07QLyLn
Static task
static1
Behavioral task
behavioral1
Sample
afa71166b1b9191bf7bf1ed1893e12716ebceb12b1f6e9e6ca4fa863b7721aac.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
stealc
Extracted
vidar
https://t.me/r8z0l
https://steamcommunity.com/profiles/76561199698764354
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
-
-
Target
afa71166b1b9191bf7bf1ed1893e12716ebceb12b1f6e9e6ca4fa863b7721aac
-
Size
2.5MB
-
MD5
b018704010cd319a3ecbdd5466598775
-
SHA1
ddf559e8a81e1a790fb26378772594387a4373b0
-
SHA256
afa71166b1b9191bf7bf1ed1893e12716ebceb12b1f6e9e6ca4fa863b7721aac
-
SHA512
6027e1e53639a5c4f48906795e216c249d07c908538cbdeb1656d38efc6696ddb9ae1c29f0984359124a647474252a4f9b633962a15c4697ae7dc0760cb0c307
-
SSDEEP
49152:Zcm4081qpZBUbHEmJasEAQACR07Q3byRD8aXY658:ZcmmqvBUbHt4fAw07QLyLn
-
Detect Vidar Stealer
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-