General
-
Target
c6fe30e16142b9b9dc6e2ba76c1210a2aa1948de35db44f1ebc1a13a31ef132f
-
Size
2.5MB
-
Sample
240607-x1bx5adc76
-
MD5
0fba9b41cbbe08c38dcfa6f122fd91d3
-
SHA1
41bcdc150a0573781f269e38444c776f8e7c1bbf
-
SHA256
c6fe30e16142b9b9dc6e2ba76c1210a2aa1948de35db44f1ebc1a13a31ef132f
-
SHA512
27daf17007a1c09dd393fb63713513e2d5204da4eb8a59eeaffb63c073e1766d7508e7334d73b750cad6b36331d577615361372d26c146d475165bcbd9df6898
-
SSDEEP
49152:Zcm4081qpZBUbHEmJhsEAQACR07Q3byRD8aXY658:ZcmmqvBUbHtrfAw07QLyLn
Static task
static1
Behavioral task
behavioral1
Sample
c6fe30e16142b9b9dc6e2ba76c1210a2aa1948de35db44f1ebc1a13a31ef132f.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
stealc
Extracted
vidar
https://t.me/r8z0l
https://steamcommunity.com/profiles/76561199698764354
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
-
-
Target
c6fe30e16142b9b9dc6e2ba76c1210a2aa1948de35db44f1ebc1a13a31ef132f
-
Size
2.5MB
-
MD5
0fba9b41cbbe08c38dcfa6f122fd91d3
-
SHA1
41bcdc150a0573781f269e38444c776f8e7c1bbf
-
SHA256
c6fe30e16142b9b9dc6e2ba76c1210a2aa1948de35db44f1ebc1a13a31ef132f
-
SHA512
27daf17007a1c09dd393fb63713513e2d5204da4eb8a59eeaffb63c073e1766d7508e7334d73b750cad6b36331d577615361372d26c146d475165bcbd9df6898
-
SSDEEP
49152:Zcm4081qpZBUbHEmJhsEAQACR07Q3byRD8aXY658:ZcmmqvBUbHtrfAw07QLyLn
-
Detect Vidar Stealer
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-