General
Target: e302bc75ac48569ac8f9ab3dbd31302b9ccb8858305a83698dca10e047aaeaa7
Size: 6.2MB
Sample: 241209-ny7scawngw
MD5: 584cf4a4f9cb958539ac091b3a79fd3a
SHA1: 83cf9bfe5747e7155ca816c752658ad3aaa0d9fa
SHA256: e302bc75ac48569ac8f9ab3dbd31302b9ccb8858305a83698dca10e047aaeaa7
SHA512: 6acd009c4ab0f0e548669af6e1b68f13a5c60bca36a6ccc2095796b415dde47dd0f1d5c2ae587a4735fbecaf3b73046389c291ebac45dd131682e2b9407f4249
SSDEEP: 12288:yQuJMMD+15Kx4I3y41UyKvXVr4D2P8wMxmAQvOwLALDOQyQWDs0H:IyM0IZTyZVEakxmdVALDONPjH
Static task: static1
Behavioral task: behavioral1 (sample e302bc75ac48569ac8f9ab3dbd31302b9ccb8858305a83698dca10e047aaeaa7.exe, resource win7-20240708-en)
Behavioral task: behavioral2 (sample e302bc75ac48569ac8f9ab3dbd31302b9ccb8858305a83698dca10e047aaeaa7.exe, resource win10v2004-20241007-en)
Malware Config
Extracted
Family: vidar
Version: 11.8
Botnet: 8ff0797948d4b39f051a704ea27bdbde
C2: https://t.me/fu4chmo
C2: https://steamcommunity.com/profiles/76561199802540894
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
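The extracted configuration gives the two indicators worth hunting on: the dead-drop resolver URLs (a Telegram channel and a Steam profile page, the public pages from which Vidar fetches its live C2 address) and the exact User-Agent string. The Python script below is an added example, not part of the sandbox report or of the malware itself. It checks a file's digests against the report's hashes and scans proxy log lines for the dead-drop URLs and the User-Agent. The key=value log format, the log lines and the function names are constructed for this example; only the hashes, URLs and User-Agent come from the report.

```python
"""Hunting helpers built from the IOCs in the Vidar sandbox report.

Added example, not part of the report. The key=value proxy log format and
the sample lines below are constructed for illustration.
"""
import hashlib
import re
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional

# Digests of the analysed sample, copied from the report.
SAMPLE_HASHES = {
    "md5": "584cf4a4f9cb958539ac091b3a79fd3a",
    "sha1": "83cf9bfe5747e7155ca816c752658ad3aaa0d9fa",
    "sha256": "e302bc75ac48569ac8f9ab3dbd31302b9ccb8858305a83698dca10e047aaeaa7",
    "sha512": "6acd009c4ab0f0e548669af6e1b68f13a5c60bca36a6ccc2095796b415dde47dd"
              "0f1d5c2ae587a4735fbecaf3b73046389c291ebac45dd131682e2b9407f4249",
}

# Dead-drop resolvers from the extracted config. Match on the full path:
# the bare domains t.me and steamcommunity.com are legitimate and noisy.
DEAD_DROPS = (
    "https://t.me/fu4chmo",
    "https://steamcommunity.com/profiles/76561199802540894",
)

# Exact User-Agent from the config. A Safari-on-macOS string carrying a
# "Ddg/" suffix is anomalous when it originates from a Windows host.
VIDAR_UA = ("Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 "
            "(KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6")


def hash_file_bytes(data: bytes) -> Dict[str, str]:
    """Return the four digests the report lists, for the given file contents."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matches_sample(data: bytes) -> List[str]:
    """Names of the report's digests that the given bytes match (empty if none)."""
    digests = hash_file_bytes(data)
    return [algo for algo, value in SAMPLE_HASHES.items() if digests[algo] == value]


@dataclass
class Hit:
    src: str
    url: str
    reasons: List[str]


# Constructed log format: <timestamp> src=<ip> url="<url>" ua="<user-agent>"
LOG_RE = re.compile(r'^(?P<ts>\S+) src=(?P<src>\S+) url="(?P<url>[^"]*)" ua="(?P<ua>[^"]*)"$')


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Parse one constructed proxy log line; None if it does not fit the format."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def classify(entry: Dict[str, str]) -> List[str]:
    """Reasons a parsed request looks like Vidar traffic (empty if none)."""
    reasons = []
    url = entry["url"]
    if any(url == d or url.startswith(d + "/") or url.startswith(d + "?") for d in DEAD_DROPS):
        reasons.append("dead-drop resolver")
    if entry["ua"] == VIDAR_UA:
        reasons.append("vidar user-agent")
    return reasons


def scan_proxy_log(lines: Iterable[str]) -> List[Hit]:
    """Return one Hit per log line that matches the config's indicators."""
    hits = []
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue  # unparseable line; skip rather than raise
        reasons = classify(entry)
        if reasons:
            hits.append(Hit(entry["src"], entry["url"], reasons))
    return hits


# Constructed sample log: benign Steam/Telegram traffic mixed with requests
# matching the report's dead drops and User-Agent.
SAMPLE_LOG = [
    '2024-12-09T10:01:02Z src=10.0.0.21 url="https://steamcommunity.com/app/730" ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/131.0"',
    '2024-12-09T10:01:05Z src=10.0.0.21 url="https://steamcommunity.com/profiles/76561199802540894" ua="' + VIDAR_UA + '"',
    '2024-12-09T10:01:07Z src=10.0.0.21 url="https://t.me/fu4chmo" ua="' + VIDAR_UA + '"',
    '2024-12-09T10:02:00Z src=10.0.0.33 url="https://t.me/some_other_channel" ua="Mozilla/5.0 (Windows NT 10.0) Chrome/131.0"',
    '2024-12-09T10:03:11Z src=10.0.0.21 url="https://example.com/" ua="' + VIDAR_UA + '"',
    'garbage line that does not parse',
]


if __name__ == "__main__":
    for hit in scan_proxy_log(SAMPLE_LOG):
        print(f"{hit.src} -> {hit.url}: {', '.join(hit.reasons)}")
```

Matching on the full dead-drop path rather than the domain keeps ordinary Steam and Telegram browsing out of the results; the User-Agent check catches traffic to the real C2 once the dead drop has been resolved, since the same string is reused for those requests.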
Targets
Target: e302bc75ac48569ac8f9ab3dbd31302b9ccb8858305a83698dca10e047aaeaa7 (6.2MB)
Signatures:
- Detect Vidar Stealer
- Stealc family
- Vidar family
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext