General
-
Target
dc2970e2c39ac27cfe600381e3868cc6b8192b43de675ecc9c3c73c185a9104a
-
Size
2.5MB
-
Sample
240607-sdb76aab2x
-
MD5
bd3d8ab731e2edaee4c1d924ba9466c7
-
SHA1
d972301100c45f61b82704de1ae800480bcc1d8b
-
SHA256
dc2970e2c39ac27cfe600381e3868cc6b8192b43de675ecc9c3c73c185a9104a
-
SHA512
1e6b2701b91ed0b9a50eca9b767d93cc411e2bc9837437d59f99f2c1b457a22a9268ba1ea0086b218b8f86e961ff87a605cd8d30f696010549a3110b9161f78a
-
SSDEEP
49152:Zcm4081qpZBUbHEmJSsEAQACR07Q3byRD8aXY658:ZcmmqvBUbHtQfAw07QLyLn
Static task
static1
Behavioral task
behavioral1
Sample
dc2970e2c39ac27cfe600381e3868cc6b8192b43de675ecc9c3c73c185a9104a.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
stealc
Extracted
vidar
https://t.me/r8z0l
https://steamcommunity.com/profiles/76561199698764354
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
-
-
Target
dc2970e2c39ac27cfe600381e3868cc6b8192b43de675ecc9c3c73c185a9104a
-
Size
2.5MB
-
MD5
bd3d8ab731e2edaee4c1d924ba9466c7
-
SHA1
d972301100c45f61b82704de1ae800480bcc1d8b
-
SHA256
dc2970e2c39ac27cfe600381e3868cc6b8192b43de675ecc9c3c73c185a9104a
-
SHA512
1e6b2701b91ed0b9a50eca9b767d93cc411e2bc9837437d59f99f2c1b457a22a9268ba1ea0086b218b8f86e961ff87a605cd8d30f696010549a3110b9161f78a
-
SSDEEP
49152:Zcm4081qpZBUbHEmJSsEAQACR07Q3byRD8aXY658:ZcmmqvBUbHtQfAw07QLyLn
-
Detect Vidar Stealer
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-