General
-
Target
b46a7b7788783baf852a3e2d217395a5
-
Size
4.4MB
-
Sample
241108-b633xasend
-
MD5
b46a7b7788783baf852a3e2d217395a5
-
SHA1
2036377a1656073ae9484770e15834bced45cc3d
-
SHA256
6b313fae80a9226c4293f5b5bb57129f1bc4f2a8c46bdabb7a577a08e47672b9
-
SHA512
4a85032604b63a6a4571f029aba42e324354522968007806d44aa52aeb99bef391d6cd8f6b8e46f00dfe355c8e406e2df50cce785fc06f08f4b853a5a57125d3
-
SSDEEP
98304:3mSsCwPee+SN9vYbzrLEFjUZVIVgbIYSSXRZ2dozGFKimh:2SxEe89wfsFwIVgbIYSSXRZ2doaKia
Static task
static1
Behavioral task
behavioral1
Sample
setup/AISetup-Crack.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
setup/AISetup-Crack.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
setup/Pre-Activated-Setup.exe
Resource
win7-20240903-en
Malware Config
Extracted
vidar
52.2
1281
https://t.me/netflixaccsfree
-
profile_id
1281
Targets
-
-
Target
setup/AISetup-Crack.exe
-
Size
2.4MB
-
MD5
be7879386bb4db5b6c8415166db67ef8
-
SHA1
ddd3021057a36b9f3298abc2844c3905652a9429
-
SHA256
9871a54a96e578971bde616e6110d08c60d1644734f72358ef04885d16c73d99
-
SHA512
4b0d06d882df5badbcd6d4445f8d3d4fc4db1fe7ec87018c316e9a0cf49e3e04c9c1459150d18613e5af0327b42d7f42a3eef174e35af6a436d2b903373bd9cc
-
SSDEEP
49152:edDbG2xgZPfpsRl0OoktUFYbwlEU3AEN6yOVjevmndG:edDbZgZPf2hoktUFYbw23Gvm8
Score3/10 -
-
-
Target
setup/Pre-Activated-Setup.exe
-
Size
397.6MB
-
MD5
c011c5bad19774ebf56ec031387998a7
-
SHA1
df8a65c3b049e81f5633086ea5f66b8a5b82f435
-
SHA256
330aeaaf79d476459e8808ccf795879e94d6892a1610cf4460958e790e0d0b25
-
SHA512
3a393844490f399e6d851c9fbd0aa5ab5284ebc5e6cdac7094e7fb88dbed01856c0e777db619437925e6e0d4b5df700a3641b498d8e4df504f862013eab1bdb3
-
SSDEEP
49152:tYhJSaBmN9w/QZKRy7bRkBPoyN041j+lav0v1L8EhlV:ehJSJ5cRy7G/1s8OyulV
-
Vidar family
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Vidar Stealer
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-