General
Target: 6d43de56b16f7efd2a0707e8cf851a9e51913a5be5ac849791edcb44a5c33876
Size: 2.2MB
Sample: 240628-n65mysybqe
MD5: fadb7977c60456de558c24db06d49ba0
SHA1: f86610e055d3dcf275284daf363412a5c8342a6d
SHA256: 6d43de56b16f7efd2a0707e8cf851a9e51913a5be5ac849791edcb44a5c33876
SHA512: c56002349a33066607044b860b3b5c983356fea9c2eb5e9e8b4058d8ed8bea8365b0e2c1219e27ae1f0c5f3dc2b4898db237372c5ff307732a178ea0e902cd77
SSDEEP: 49152:qpjNvr9ySAOmw4lHHO+SASagXkJr4MDkUwm:qpjNp7p4lHH8n5A
Static task: static1
Behavioral task: behavioral1
Sample: 6d43de56b16f7efd2a0707e8cf851a9e51913a5be5ac849791edcb44a5c33876.exe
Resource: win10v2004-20240226-en

Malware Config
Extracted: vidar
https://t.me/g067n
https://steamcommunity.com/profiles/76561199707802586
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:129.0) Gecko/20100101 Firefox/129.0
Targets
Target: 6d43de56b16f7efd2a0707e8cf851a9e51913a5be5ac849791edcb44a5c33876
Size: 2.2MB
MD5: fadb7977c60456de558c24db06d49ba0
SHA1: f86610e055d3dcf275284daf363412a5c8342a6d
SHA256: 6d43de56b16f7efd2a0707e8cf851a9e51913a5be5ac849791edcb44a5c33876
SHA512: c56002349a33066607044b860b3b5c983356fea9c2eb5e9e8b4058d8ed8bea8365b0e2c1219e27ae1f0c5f3dc2b4898db237372c5ff307732a178ea0e902cd77
SSDEEP: 49152:qpjNvr9ySAOmw4lHHO+SASagXkJr4MDkUwm:qpjNp7p4lHH8n5A
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext