General
- Target: SecuriteInfo.com.Win32.DropperX-gen.29341.16114.exe
- Size: 5.3MB
- Sample: 240802-ww16sazarh
- MD5: d8506a1a17c1b7452fc9e94ce5568900
- SHA1: d1d281538ddd3cc45a6bb29380dc1d7330e4bd0d
- SHA256: 9daffaea889ac9a0a94e711c815ef8f8d17878c00dc802033300e46f35ccbc29
- SHA512: 0b8d671333d70f341cec6eeb8cfad1169251980305b19b31f96345f8c797fd0dd97d4b7fd40ad28412e1340829a2c82f253577a26403ea567cd2cb1dd6ba0e9b
- SSDEEP: 98304:Q3QwuwsuAyobBzVlwVNwo7MhtCzLY8QcTEcX/ssSR/UoUSAKBasi930z:kQ1Hj1RlwPwo7MhtCA8QBskVMoU0Ba72
Behavioral tasks
- behavioral1: Sample SecuriteInfo.com.Win32.DropperX-gen.29341.16114.exe, Resource win7-20240729-en
- behavioral2: Sample SecuriteInfo.com.Win32.DropperX-gen.29341.16114.exe, Resource win10v2004-20240802-en
Malware Config
Extracted: vidar
- C2 dead-drop resolvers (Vidar reads its live C2 address from the profile page or channel description, so the operator can rotate the real C2 without changing these URLs):
  https://steamcommunity.com/profiles/76561199735694209
  https://t.me/puffclou
- user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.1) Gecko/20100101 Firefox/128.1 (hard-coded; it claims macOS Firefox even though the sample is a Windows executable, which makes the string worth matching against the client OS but not unique on its own)
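The dead-drop URLs, user agent and hashes above are the indicators a practitioner would actually sweep for. The following added example (written for this page; it is neither the sandbox's nor Vidar's code) matches constructed proxy log lines against those indicators and checks a file's digests against the report's values. The log line layout, the function names, and the log content are assumptions; the indicator values are copied from the report.

```python
"""IOC sweep for the extracted Vidar configuration (added example; not code
from the sandbox report and not Vidar's own code)."""
import hashlib
import re
from urllib.parse import urlsplit

# Copied from the report: dead-drop resolver URLs, hard-coded user agent,
# and the sample's hashes.
DEAD_DROP_URLS = (
    "https://steamcommunity.com/profiles/76561199735694209",
    "https://t.me/puffclou",
)
VIDAR_USER_AGENT = (
    "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.1) "
    "Gecko/20100101 Firefox/128.1"
)
SAMPLE_HASHES = {
    "md5": "d8506a1a17c1b7452fc9e94ce5568900",
    "sha1": "d1d281538ddd3cc45a6bb29380dc1d7330e4bd0d",
    "sha256": "9daffaea889ac9a0a94e711c815ef8f8d17878c00dc802033300e46f35ccbc29",
}


def normalize(url):
    """Reduce a URL to scheme://host/path: lower-case scheme and host, drop
    query string, fragment and a trailing slash, so cache-busting parameters
    or case differences do not defeat an exact match."""
    p = urlsplit(url.strip())
    return f"{p.scheme.lower()}://{p.netloc.lower()}{p.path.rstrip('/')}"


DEAD_DROP_SET = {normalize(u) for u in DEAD_DROP_URLS}

# Assumed (hypothetical) proxy log layout: <ts> <client> <method> <url> "<ua>"
LOG_RE = re.compile(
    r'^(?P<ts>\S+) (?P<client>\S+) (?P<method>[A-Z]+) (?P<url>\S+) "(?P<ua>[^"]*)"$'
)


def parse_line(line):
    """Return the fields of one log line as a dict, or None if it does not fit."""
    m = LOG_RE.match(line.rstrip("\n"))
    return m.groupdict() if m else None


def classify(event):
    """Names of the report indicators matched by one parsed event."""
    hits = []
    if normalize(event["url"]) in DEAD_DROP_SET:
        hits.append("dead_drop_url")       # strong: exact resolver URL
    if event["ua"] == VIDAR_USER_AGENT:
        hits.append("vidar_user_agent")    # weak on its own, see note below
    return hits


def sweep(lines):
    """Map each client with at least one hit to its sorted indicator names."""
    findings = {}
    for line in lines:
        event = parse_line(line)
        if event is None:
            continue
        hits = classify(event)
        if hits:
            findings.setdefault(event["client"], set()).update(hits)
    return {client: sorted(names) for client, names in findings.items()}


def hashes_match(data, expected=SAMPLE_HASHES):
    """Compare a file's digests with the report's values, one flag per algorithm."""
    return {name: hashlib.new(name, data).hexdigest() == digest
            for name, digest in expected.items()}


# Constructed log lines (not real traffic): one host touching both resolvers
# with the Vidar user agent, one ordinary Steam visit, one Mac Firefox user.
CONSTRUCTED_LOG = [
    '2024-08-02T10:01:05Z 10.0.0.15 GET https://steamcommunity.com/profiles/76561199735694209 '
    '"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.1) Gecko/20100101 Firefox/128.1"',
    '2024-08-02T10:01:07Z 10.0.0.15 GET https://t.me/puffclou?_=1722592867 '
    '"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.1) Gecko/20100101 Firefox/128.1"',
    '2024-08-02T10:02:00Z 10.0.0.22 GET https://steamcommunity.com/app/730 '
    '"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/127.0.0.0"',
    '2024-08-02T10:02:30Z 10.0.0.31 GET https://example.com/ '
    '"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.1) Gecko/20100101 Firefox/128.1"',
]

if __name__ == "__main__":
    for client, names in sorted(sweep(CONSTRUCTED_LOG).items()):
        print(client, ", ".join(names))
    print(hashes_match(b"not the sample"))
```

Two caveats when using this against real logs. A hit on the user agent alone (client 10.0.0.31 in the constructed data) is weak, because a genuine macOS Firefox 128.1 user sends the same string; it becomes meaningful when the source host is known to be Windows, as the sample is. The dead-drop URLs are the strong indicator, but the operator can retire the Steam profile or Telegram channel at any time, so the list goes stale and should be refreshed from newer extractions rather than trusted indefinitely.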
Targets
- Target: SecuriteInfo.com.Win32.DropperX-gen.29341.16114.exe
- Size: 5.3MB (MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the values listed under General)
- Detect Vidar Stealer
- PureLog Stealer payload
- Unsecured Credentials: Credentials In Files (MITRE ATT&CK T1552.001): steals credentials from unsecured files.
- Suspicious use of SetThreadContext: rewriting another thread's register context, the step that redirects execution into injected code in process hollowing and thread hijacking.