stealc | 81e9674a18dcb4fad7e6314b353b71de92f04116438b950fdf177a1b0c5f1525 | Triage

Submit
Reports

Overview

overview

Static

static

1

Roblox Cheat Free.rar

windows10-2004-x64

Roblox Cheat Free.rar

windows11-21h2-x64

7

Sharing

General

Target

Roblox Cheat Free.rar
Size

1.6MB
Sample

241124-ya273a1phr
MD5

4ba1bd42e77a2370c240d08e568efc72
SHA1

b1d86361ed425fcf70e77f23d90867d87f1a7353
SHA256

81e9674a18dcb4fad7e6314b353b71de92f04116438b950fdf177a1b0c5f1525
SHA512

3482b3fb9c78958e482aa2115e661f7128b9bf9ea492d488810cb40d929f3a3e8ef6ee4e4ca94546afe8bd4be83ddd759aa743ba612abd4347e489eed8fa67d0
SSDEEP

49152:mwnklGp051IOBaI8QTkH/oXeUC3A4Z4gzk9JOw:mCAGpDOAI8QTu/rLwG4Yw

Score

10^/10

stealc vidar a17f83dafa130de24986f1ad305270d5 discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

Roblox Cheat Free.rar

Resource

win10v2004-20241007-en

stealc vidar a17f83dafa130de24986f1ad305270d5 discovery stealer

windows10-2004-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

Roblox Cheat Free.rar

Resource

win11-20241007-en

windows11-21h2-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

vidar

Version

11.7

Botnet

a17f83dafa130de24986f1ad305270d5

C2

https://t.me/m07mbk

https://steamcommunity.com/profiles/76561199801589826

Attributes

user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6

Targets

- Target
  
  Roblox Cheat Free.rar
- Size
  
  1.6MB
- MD5
  
  4ba1bd42e77a2370c240d08e568efc72
- SHA1
  
  b1d86361ed425fcf70e77f23d90867d87f1a7353
- SHA256
  
  81e9674a18dcb4fad7e6314b353b71de92f04116438b950fdf177a1b0c5f1525
- SHA512
  
  3482b3fb9c78958e482aa2115e661f7128b9bf9ea492d488810cb40d929f3a3e8ef6ee4e4ca94546afe8bd4be83ddd759aa743ba612abd4347e489eed8fa67d0
- SSDEEP
  
  49152:mwnklGp051IOBaI8QTkH/oXeUC3A4Z4gzk9JOw:mCAGpDOAI8QTu/rLwG4Yw
Score

10^/10

stealc vidar a17f83dafa130de24986f1ad305270d5 discovery stealer
- Detect Vidar Stealer
  stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcvidara17f83dafa130de24986f1ad305270d5discoverystealer

behavioral2

© 2018-2024

Terms | Privacy