stealc | 2289656d0b1515397a4b1a827382987140dd7c0f0305be61ae2e22b2a882b392 | Triage

Submit
Reports

Overview

overview

Static

static

3

winprofile

windows7-x64

5

winprofile

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

2289656d0b1515397a4b1a827382987140dd7c0f0305be61ae2e22b2a882b392
Size

4.5MB
Sample

240613-2lv5nsxclr
MD5

053e2d163701b05e0a365740b3acc67e
SHA1

aaf04301f284fb9a47a5e570cd830cfc2092f799
SHA256

2289656d0b1515397a4b1a827382987140dd7c0f0305be61ae2e22b2a882b392
SHA512

5fa197687df2084c6498fcfb7cccea98c8a195f3182889773d9fd6bcded33cd3d72ac72f62bbb40769bc9aa27f5625217258c4b98329caa45e26cfcad7331f2b
SSDEEP

98304:+qJcqsmdaTXUbGOJqd9tZ/qPLmpuREHrwRnC/eqJ/o:feqddazUbGPJiPLkqEHgyJ/

Score

10^/10

stealc vidar spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2289656d0b1515397a4b1a827382987140dd7c0f0305be61ae2e22b2a882b392.exe

Resource

win7-20240508-en

windows7-x64

6 signatures

300 seconds

Behavioral task

behavioral2

Sample

2289656d0b1515397a4b1a827382987140dd7c0f0305be61ae2e22b2a882b392.exe

Resource

win10-20240404-en

stealc vidar spyware stealer

windows10-1703-x64

11 signatures

300 seconds

Malware Config

Extracted

Family

stealc

rc4.plain

Extracted

Family

vidar

C2

https://t.me/memve4erin

https://steamcommunity.com/profiles/76561199699680841

Attributes

user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:129.0) Gecko/20100101 Firefox/129.0

Targets

- Target
  
  2289656d0b1515397a4b1a827382987140dd7c0f0305be61ae2e22b2a882b392
- Size
  
  4.5MB
- MD5
  
  053e2d163701b05e0a365740b3acc67e
- SHA1
  
  aaf04301f284fb9a47a5e570cd830cfc2092f799
- SHA256
  
  2289656d0b1515397a4b1a827382987140dd7c0f0305be61ae2e22b2a882b392
- SHA512
  
  5fa197687df2084c6498fcfb7cccea98c8a195f3182889773d9fd6bcded33cd3d72ac72f62bbb40769bc9aa27f5625217258c4b98329caa45e26cfcad7331f2b
- SSDEEP
  
  98304:+qJcqsmdaTXUbGOJqd9tZ/qPLmpuREHrwRnC/eqJ/o:feqddazUbGPJiPLkqEHgyJ/
Score

10^/10

stealc vidar spyware stealer
- Detect Vidar Stealer
  stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Downloads MZ/PE file
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcvidarspywarestealer

© 2018-2025

Terms | Privacy