General
-
Target
stealerc.bin
-
Size
824KB
-
Sample
241119-ysbg3awpbl
-
MD5
48f8fd860361571c1ea6373fa9929fdd
-
SHA1
1940e67c060a7b2b7085ba8513cd69d97c035775
-
SHA256
0d29542a4e177ab50ea5ac6ffad38e4ac31bf199f6de30334b73b0ab04c0f20c
-
SHA512
f2145f41c822d57f079b03a24e86595bfc29dc1daca199be0fa56a3f054e622624f70f6a9084f02e369ca7c6c594f07230da260708142dcec64dedef8c9b48a6
-
SSDEEP
6144:M58tl+4sfTny7TuvpdZlt4DIJYVKWi8u5yrh5rTNhhuy1qkteGtLMA+/mt9:M58tl+TtvtGyYKW5u8lq6T+/s
Behavioral task
behavioral1
Sample
stealerc.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
stealerc.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
vidar
11.7
93fc6460673f6002db33ceb23a9e1868
https://t.me/m07mbk
https://steamcommunity.com/profiles/76561199801589826
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
Targets
-
Target
stealerc.bin
-
Detect Vidar Stealer
-
Stealc family
-
Vidar family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-