General
Target: #Nḙw_PCŜétup-44017-Pa$$wrD!!.rar
Size: 7.1MB
Sample: 240618-qaccmsvbnc
MD5: 0bae1027ac221f6da2c7ce403c9800e2
SHA1: 5b45b222de60318d34b4caa6eecc5944b7bc63bd
SHA256: 1606dc0cfa75904afa9a73126bb35935db1c49944542108f4dd4c95b06dedad4
SHA512: d7987a006f7a536790072889586960d38d33f24db5a562b55bc9cb9ab679b133ebbf494af214ec4e8320c6a55fdd06d23107b650c6292e7fa505bdc985e27411
SSDEEP: 196608:CfNgzYJt8DGTestkHRlWUQzpqBjTQlCni:C1gsJt8SFtORlWUL54Ci
Static task: static1
Behavioral task: behavioral1
  Sample: Set-up.exe
  Resource: win7-20240611-en
Behavioral task: behavioral2
  Sample: Set-up.exe
  Resource: win10v2004-20240508-en
Malware Config
Extracted
stealc
Targets
Target: Set-up.exe
Size: 135KB
MD5: a2d70fbab5181a509369d96b682fc641
SHA1: 22afcdc180400c4d2b9e5a6db2b8a26bff54dd38
SHA256: 8aed681ad8d660257c10d2f0e85ae673184055a341901643f27afc38e5ef8473
SHA512: 219c6e7e88004fad9f4392be9a852c58fc43b7f6900e40370991427f37eaea5c18f48d2954f9479dde8bcb787345f4e292d5620add8224aec4d93d7968820b83
SSDEEP: 1536:URLRDTAC1CMoR1CqabJWt7AQFYMGhw1ScCD28v2Vv428fmvxOuw03h9VC:URdV1CMoiqadTQFBGhw1ED28+94hGw
Detect Vidar Stealer

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Suspicious use of SetThreadContext