General
Target: Unlock_Tool_2.1.2.exe
Size: 597KB
Sample: 241009-rlt79s1cre
MD5: bb13b2bc0a171b39858b4b545f9c1fd6
SHA1: 2a0f691c710de90f94430e44ae2cf402706cb079
SHA256: 292e9cdee0da60b05e921597c477809714053a5a1989cca9eb8693bd6cdf2f53
SHA512: fcd2e26503bd53000b030464cfeb9eed602629a7cc1e4d5af4bdefb8dde712003b8176253f473a45cd26ba4c4e751481d3d1755066264211885434ea5bb3fbe6
SSDEEP: 12288:ToBfQ63FVy4GeT7spsUdGVPvXbj6b9HX7x8Z8o0KLICLdNjqFqHN64fwETEO:To1z3FtT7msUdUPvX0Hrx8p0iLdNjq8h
Static task: static1
Behavioral task: behavioral1
  Sample: Unlock_Tool_2.1.2.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: Unlock_Tool_2.1.2.exe
  Resource: win10v2004-20241007-en
Malware Config
Extracted
vidar
11.1
23a142269e47ce1692ccc9fb68473bc2
https://steamcommunity.com/profiles/76561199786602107
https://t.me/lpnjoke
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
Targets
Target: Unlock_Tool_2.1.2.exe
Size: 597KB
- Detect Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Unsecured Credentials: Credentials In Files (Steal credentials from unsecured files.)
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext