General

  • Target

    dab9fee612125503146e28407ec8631232d6b48d567c902b6743bf2e984048b8.exe

  • Size

    275KB

  • MD5

    df96c3d0bb84474f4ed6c4206d1bacea

  • SHA1

    3e846e3a979cfad2df3eadc821fccf48f2cda4fd

  • SHA256

    dab9fee612125503146e28407ec8631232d6b48d567c902b6743bf2e984048b8

  • SHA512

    17ab06107bfcbbd4cc5503996d544d5d48e6ae4f49f76be841455885b77e5c7a5128ab74903a1825dd3a809aed12b414f7dc97c2ae7f5750ad67abba22bd1055

  • SSDEEP

    6144:rh0ZpFC4sffny7TuLBdZlT4DIJYdy3i8ioyrN:rh0ZpFCfB3TGyYy35iBZ

Malware Config

Extracted

Family

vidar

Version

11.8

Botnet

93e4f2dec1428009f8bc755e83a21d1b

C2

https://t.me/fu4chmo

https://steamcommunity.com/profiles/76561199802540894

Attributes
  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6

Signatures

  • Detect Vidar Stealer 1 IoCs
  • Stealc family
  • Vidar family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • dab9fee612125503146e28407ec8631232d6b48d567c902b6743bf2e984048b8.exe
    .exe windows:5 windows x86 arch:x86

    0b8c3b7f5974cb002243977711d52689


    Headers

    Imports

    Sections