General
-
Target
add786485fc8675163fb20e77a908a73fb70f80bc1661cf88dcbf0b73c97fda4
-
Size
2.5MB
-
Sample
240607-xt1ynscc6t
-
MD5
edfd6b0c78793604ed5dedf06ae4869b
-
SHA1
d38e9613b721816464ccc9335dbf86c36bdd3dda
-
SHA256
add786485fc8675163fb20e77a908a73fb70f80bc1661cf88dcbf0b73c97fda4
-
SHA512
908e683bd40abe98edc60b3a7becb3bbdd8d16b705c9c16011ee5931eebbb96150ba5c6f5d9d76f1bf7ea4028859d47176f2bb63873ab6c1ea3081876a6e481e
-
SSDEEP
49152:Zcm4081qpZBUbHEmJusEAQACR07Q3byRD8aXY658:ZcmmqvBUbHt4fAw07QLyLn
Static task
static1
Behavioral task
behavioral1
Sample
add786485fc8675163fb20e77a908a73fb70f80bc1661cf88dcbf0b73c97fda4.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
stealc
Extracted
vidar
https://t.me/r8z0l
https://steamcommunity.com/profiles/76561199698764354
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
-
-
Target
add786485fc8675163fb20e77a908a73fb70f80bc1661cf88dcbf0b73c97fda4
-
Size
2.5MB
-
MD5
edfd6b0c78793604ed5dedf06ae4869b
-
SHA1
d38e9613b721816464ccc9335dbf86c36bdd3dda
-
SHA256
add786485fc8675163fb20e77a908a73fb70f80bc1661cf88dcbf0b73c97fda4
-
SHA512
908e683bd40abe98edc60b3a7becb3bbdd8d16b705c9c16011ee5931eebbb96150ba5c6f5d9d76f1bf7ea4028859d47176f2bb63873ab6c1ea3081876a6e481e
-
SSDEEP
49152:Zcm4081qpZBUbHEmJusEAQACR07Q3byRD8aXY658:ZcmmqvBUbHt4fAw07QLyLn
-
Detect Vidar Stealer
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-