General
-
Target
b69558f58e7c1fa69f138ebe4ec2032273081577cef00b2a44f6cb92a93ffc85
-
Size
2.5MB
-
Sample
240607-t58acacb96
-
MD5
10372ed10d43ff15ffc1ac35a633b9f0
-
SHA1
49a50f3e916d27baf8af322d9dc0d4fcc386c3c8
-
SHA256
b69558f58e7c1fa69f138ebe4ec2032273081577cef00b2a44f6cb92a93ffc85
-
SHA512
2655f20b2077ca7c848da4e0fc98cc27557d92958ff813942336af6bb61a15b2e4497b1ea1b2b6285ab2c00b69ba89c5c792991ce8e1fd3cb6af620cea5d6a86
-
SSDEEP
49152:Zcm4081qpZBUbHEmJasEAQACR07Q3byRD8aXY658:ZcmmqvBUbHtkfAw07QLyLn
Static task
static1
Behavioral task
behavioral1
Sample
b69558f58e7c1fa69f138ebe4ec2032273081577cef00b2a44f6cb92a93ffc85.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
stealc
Extracted
vidar
https://t.me/r8z0l
https://steamcommunity.com/profiles/76561199698764354
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
-
-
Target
b69558f58e7c1fa69f138ebe4ec2032273081577cef00b2a44f6cb92a93ffc85
-
Size
2.5MB
-
MD5
10372ed10d43ff15ffc1ac35a633b9f0
-
SHA1
49a50f3e916d27baf8af322d9dc0d4fcc386c3c8
-
SHA256
b69558f58e7c1fa69f138ebe4ec2032273081577cef00b2a44f6cb92a93ffc85
-
SHA512
2655f20b2077ca7c848da4e0fc98cc27557d92958ff813942336af6bb61a15b2e4497b1ea1b2b6285ab2c00b69ba89c5c792991ce8e1fd3cb6af620cea5d6a86
-
SSDEEP
49152:Zcm4081qpZBUbHEmJasEAQACR07Q3byRD8aXY658:ZcmmqvBUbHtkfAw07QLyLn
-
Detect Vidar Stealer
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-