General
-
Target
42226b9f119843f7ff26e7d50895564d59fe8bf8db1830047c86298d8bc22d74
-
Size
323KB
-
Sample
241219-rhmc9avkcq
-
MD5
34f45d20fef7dd9c8e8d7f5b9d5fa6a7
-
SHA1
4270a1cf22a0183d772bf143bec8a81b8b4ac51e
-
SHA256
42226b9f119843f7ff26e7d50895564d59fe8bf8db1830047c86298d8bc22d74
-
SHA512
11a4e65e08a6f948336971e612f859429c4c58c6443ba85fc3b7a5165040bde57555c596a8c0322cd71b8e1fa3758dd7f6a247de5197b32212d9a90c37fe2410
-
SSDEEP
6144:bspY93m4ezZF197TvhhFUJi7AuRQ1zkIFZQRhtinsoCiiEI+:bWym4ezxLhKAkuRQtkIjQRGns2iEz
Static task
static1
Behavioral task
behavioral1
Sample
42226b9f119843f7ff26e7d50895564d59fe8bf8db1830047c86298d8bc22d74.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
42226b9f119843f7ff26e7d50895564d59fe8bf8db1830047c86298d8bc22d74.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
42226b9f119843f7ff26e7d50895564d59fe8bf8db1830047c86298d8bc22d74
-
Size
323KB
-
MD5
34f45d20fef7dd9c8e8d7f5b9d5fa6a7
-
SHA1
4270a1cf22a0183d772bf143bec8a81b8b4ac51e
-
SHA256
42226b9f119843f7ff26e7d50895564d59fe8bf8db1830047c86298d8bc22d74
-
SHA512
11a4e65e08a6f948336971e612f859429c4c58c6443ba85fc3b7a5165040bde57555c596a8c0322cd71b8e1fa3758dd7f6a247de5197b32212d9a90c37fe2410
-
SSDEEP
6144:bspY93m4ezZF197TvhhFUJi7AuRQ1zkIFZQRhtinsoCiiEI+:bWym4ezxLhKAkuRQtkIjQRGns2iEz
Score10/10-
Detect Vidar Stealer
-
Vidar family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-