General
Target: a7d9d8ba42c133ba78a8dcaccb2da07affc1923a7c66cf558dc24667750951d6
Size: 2.2MB
Sample: 240629-w39rhashmg
MD5: 0afc5f5846813ea96c7682975bad6dfd
SHA1: 56715d3a9636cd1049b50d23f3b5164eda7c0548
SHA256: a7d9d8ba42c133ba78a8dcaccb2da07affc1923a7c66cf558dc24667750951d6
SHA512: 109000455bd133699330f1ceb7c53443cb65bccb028c42a85fe6583f2e47b0734152e2531486dba86fddb442a37e671e9bac97a93a59d3a9b0d366d8a74848fe
SSDEEP: 49152:qpjNvr9ySAOmw4JHHO+SASagXkJr4MDkUwm:qpjNp7p4JHH8n5A

Static task: static1
Behavioral task: behavioral1
Sample: a7d9d8ba42c133ba78a8dcaccb2da07affc1923a7c66cf558dc24667750951d6.exe
Resource: win10v2004-20240611-en

Malware Config
Extracted: vidar
- https://t.me/g067n
- https://steamcommunity.com/profiles/76561199707802586
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:129.0) Gecko/20100101 Firefox/129.0

Targets
Target: a7d9d8ba42c133ba78a8dcaccb2da07affc1923a7c66cf558dc24667750951d6
Size: 2.2MB
MD5: 0afc5f5846813ea96c7682975bad6dfd
SHA1: 56715d3a9636cd1049b50d23f3b5164eda7c0548
SHA256: a7d9d8ba42c133ba78a8dcaccb2da07affc1923a7c66cf558dc24667750951d6
SHA512: 109000455bd133699330f1ceb7c53443cb65bccb028c42a85fe6583f2e47b0734152e2531486dba86fddb442a37e671e9bac97a93a59d3a9b0d366d8a74848fe
SSDEEP: 49152:qpjNvr9ySAOmw4JHHO+SASagXkJr4MDkUwm:qpjNp7p4JHH8n5A

- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext