stealc | 416b40630daa924136b9d10e0faa8c800a7a882416f4e5b7944f9bc2553a414b | Triage

Submit
Reports

Overview

overview

Static

static

1

cryptolaemus

windows10-2004-x64

cryptolaemus

windows11-21h2-x64

Sharing

General

Target

416b40630daa924136b9d10e0faa8c800a7a882416f4e5b7944f9bc2553a414b
Size

4.4MB
Sample

240630-rzvqyssglp
MD5

c5f20b0cb835adff91c281ba3e9995e3
SHA1

b7edfc4fb9befe9acf241e423741e27d68dfd832
SHA256

416b40630daa924136b9d10e0faa8c800a7a882416f4e5b7944f9bc2553a414b
SHA512

233587e39de30cfa0a9526fb041f9c9c70a1e7574e8bd8d934f7b795f3eff2a8aa8e98f20a7fcb06f00c85c233461d56bbabb4bba39c1ac4869839e3f0022678
SSDEEP

49152:e+PcYB/o36ki63Hw4/uzcdl3ne2xAOVmmgZV099snm9pswB0Nq7:tPcYB/y6ki6PnuwT06sajB0Nq7

Score

10^/10

stealc vidar stealer

Static task

static1

Behavioral task

behavioral1

Sample

416b40630daa924136b9d10e0faa8c800a7a882416f4e5b7944f9bc2553a414b.exe

Resource

win10v2004-20240508-en

stealc vidar stealer

windows10-2004-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

416b40630daa924136b9d10e0faa8c800a7a882416f4e5b7944f9bc2553a414b.exe

Resource

win11-20240508-en

stealc vidar stealer

windows11-21h2-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

vidar

C2

https://t.me/g067n

https://steamcommunity.com/profiles/76561199707802586

Attributes

user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:129.0) Gecko/20100101 Firefox/129.0

Targets

- Target
  
  416b40630daa924136b9d10e0faa8c800a7a882416f4e5b7944f9bc2553a414b
- Size
  
  4.4MB
- MD5
  
  c5f20b0cb835adff91c281ba3e9995e3
- SHA1
  
  b7edfc4fb9befe9acf241e423741e27d68dfd832
- SHA256
  
  416b40630daa924136b9d10e0faa8c800a7a882416f4e5b7944f9bc2553a414b
- SHA512
  
  233587e39de30cfa0a9526fb041f9c9c70a1e7574e8bd8d934f7b795f3eff2a8aa8e98f20a7fcb06f00c85c233461d56bbabb4bba39c1ac4869839e3f0022678
- SSDEEP
  
  49152:e+PcYB/o36ki63Hw4/uzcdl3ne2xAOVmmgZV099snm9pswB0Nq7:tPcYB/y6ki6PnuwT06sajB0Nq7
Score

10^/10

stealc vidar stealer
- Detect Vidar Stealer
  stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

stealcvidarstealer

behavioral2

stealcvidarstealer

© 2018-2024

Terms | Privacy