General
Target: 932d950e4913b797360f27d332d58d68b910df0691cf4ca1bc1d0a75a2c17776
Size: 2.5MB
Sample: 240607-zqlqpach5t
MD5: 5f3136e66b73d5e2ff39dd01ec1fbc21
SHA1: 721e4ee889b5e719c6e288265de44807f5455578
SHA256: 932d950e4913b797360f27d332d58d68b910df0691cf4ca1bc1d0a75a2c17776
SHA512: 752bfab8bd62a3f0f58d74094ad5037e342c149d99ac3d930c2d45c3d5d759c5adbec29812c8c10aeda0bd25e650a774da57d3239495c52606e095d6688b7a81
SSDEEP: 49152:Zcm4081qpZBUbHEmJOsEAQACR07Q3byRD8aXY658:ZcmmqvBUbHt4fAw07QLyLn
Static task: static1
Behavioral task: behavioral1
Sample: 932d950e4913b797360f27d332d58d68b910df0691cf4ca1bc1d0a75a2c17776.exe
Resource: win10v2004-20240426-en
Malware Config
Extracted: stealc
Extracted: vidar
    https://t.me/r8z0l
    https://steamcommunity.com/profiles/76561199698764354
    user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
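An added example, not part of the sandbox report and not code from the sandbox vendor: a Python script that first confirms a file on disk is the reported sample (all four digests must match) and then hunts a proxy log for the two URLs and the fixed User-Agent string taken from the extracted vidar config. The digests, URLs and User-Agent are copied from the report; the tab-separated log format and the log lines are constructed for the example.

```python
"""Added example (not from the sandbox report): checking a file against the
reported digests and hunting proxy logs for the extracted config values.

Digest values, URLs and User-Agent below are copied from the report; the log
format and the log lines are constructed for this example.
"""
import hashlib
from urllib.parse import urlsplit

# Copied from the report's General section.
REPORTED_DIGESTS = {
    "md5": "5f3136e66b73d5e2ff39dd01ec1fbc21",
    "sha1": "721e4ee889b5e719c6e288265de44807f5455578",
    "sha256": "932d950e4913b797360f27d332d58d68b910df0691cf4ca1bc1d0a75a2c17776",
    "sha512": "752bfab8bd62a3f0f58d74094ad5037e342c149d99ac3d930c2d45c3d5d759c5"
              "adbec29812c8c10aeda0bd25e650a774da57d3239495c52606e095d6688b7a81",
}
# Copied from the report's extracted vidar config.
REPORTED_URLS = (
    "https://t.me/r8z0l",
    "https://steamcommunity.com/profiles/76561199698764354",
)
REPORTED_UA = ("Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) "
               "Gecko/20100101 Firefox/128.0")


def digests(data: bytes) -> dict:
    """Hex digests of `data` for every algorithm the report lists."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in REPORTED_DIGESTS}


def is_reported_sample(data: bytes) -> bool:
    """True only when all four digests match the report; a single mismatch
    means a different file (a repacked build, a truncated download, ...)."""
    return digests(data) == REPORTED_DIGESTS


def url_key(url: str) -> tuple:
    """Normalise a URL to (host, path) so that scheme, host case, trailing
    slash and query string differences do not hide a hit."""
    parts = urlsplit(url)
    return (parts.hostname or "").lower(), parts.path.rstrip("/")


IOC_URL_KEYS = {url_key(u) for u in REPORTED_URLS}


def check_line(line: str):
    """Parse one constructed proxy log line (tab-separated: timestamp,
    client_ip, url, user_agent) and return (timestamp, client_ip, reasons).
    reasons is empty for a clean line; None is returned for a malformed line."""
    fields = line.rstrip("\n").split("\t")
    if len(fields) != 4:
        return None
    ts, client, url, ua = fields
    reasons = []
    if url_key(url) in IOC_URL_KEYS:
        reasons.append("request to URL from extracted config: " + url)
    if ua == REPORTED_UA:
        reasons.append("User-Agent string from extracted config")
    return ts, client, reasons


def hunt(lines):
    """Return only the parsed log lines that match at least one indicator."""
    hits = []
    for line in lines:
        parsed = check_line(line)
        if parsed and parsed[2]:
            hits.append(parsed)
    return hits


# Constructed log lines for the example (not real traffic).
SAMPLE_LOG = [
    "2024-06-07T12:01:05Z\t10.0.0.12\thttps://www.mozilla.org/\t"
    "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:126.0) Gecko/20100101 Firefox/126.0",
    "2024-06-07T12:01:09Z\t10.0.0.12\thttps://t.me/r8z0l\t" + REPORTED_UA,
    "2024-06-07T12:01:10Z\t10.0.0.12\t"
    "http://steamcommunity.com/profiles/76561199698764354/?xml=1\t" + REPORTED_UA,
    "2024-06-07T12:02:00Z\t10.0.0.40\thttps://steamcommunity.com/app/730\t"
    "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36",
    "a malformed line with no tabs",
]

if __name__ == "__main__":
    print("empty input is the reported sample:", is_reported_sample(b""))
    for ts, client, reasons in hunt(SAMPLE_LOG):
        print(ts, client, "; ".join(reasons))
```

The User-Agent is matched exactly because the config embeds it as a fixed string, but it is also what a genuine Firefox on macOS 10.15 would send, so a User-Agent hit on its own is weak; it becomes meaningful when it comes from a host known to run Windows, or alongside a request to one of the two config URLs, as in the constructed lines above. Other visits to steamcommunity.com are not flagged because the host and the full profile path must both match.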
Targets
Target: 932d950e4913b797360f27d332d58d68b910df0691cf4ca1bc1d0a75a2c17776
Size: 2.5MB
(MD5, SHA1, SHA256, SHA512 and SSDEEP are the same values listed under General above.)
Signatures
Detect Vidar Stealer
Downloads MZ/PE file: fetches a Windows executable (MZ header) over the network.
Executes dropped EXE: runs an executable it wrote to disk.
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext: rewrites a thread's context, the step process hollowing and similar injection use to redirect execution inside another process.