General
- Target: 2458839fd7f696c4b22edfa9abe2872902c5307e070fe320ce0bb5997adc1168
- Size: 2.2MB
- Sample: 240630-ztnz8ayejm
- MD5: f133a7d9de06d03e58d8a8647f3ac8d6
- SHA1: 2a097ce4f6870abfebc176c074324cb4388d3368
- SHA256: 2458839fd7f696c4b22edfa9abe2872902c5307e070fe320ce0bb5997adc1168
- SHA512: 0056c12442c2fdc3b90a0e6a6a9625315cb21661712a2e5658e2e836b00834ee981cff875b9f0a52f87d370161c1adcf98449c5c66973e02a4b5af207facf8af
- SSDEEP: 24576:Uc0PyhhGkCI1wUL24jtYkYGbawg757CgXueAgXHMU2MZQti1u8LnsDJY6WpEYGYG:UJ0hsA91MPD21tuuIeNHYGY0LzjsJxK

Static task: static1

Behavioral task: behavioral1
- Sample: 2458839fd7f696c4b22edfa9abe2872902c5307e070fe320ce0bb5997adc1168.exe
- Resource: win10v2004-20240226-en

Malware Config
Extracted: vidar
- https://t.me/g067n
- https://steamcommunity.com/profiles/76561199707802586
- user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:129.0) Gecko/20100101 Firefox/129.0

Targets
- Target: 2458839fd7f696c4b22edfa9abe2872902c5307e070fe320ce0bb5997adc1168
- Size: 2.2MB
- MD5: f133a7d9de06d03e58d8a8647f3ac8d6
- SHA1: 2a097ce4f6870abfebc176c074324cb4388d3368
- SHA256: 2458839fd7f696c4b22edfa9abe2872902c5307e070fe320ce0bb5997adc1168
- SHA512: 0056c12442c2fdc3b90a0e6a6a9625315cb21661712a2e5658e2e836b00834ee981cff875b9f0a52f87d370161c1adcf98449c5c66973e02a4b5af207facf8af
- SSDEEP: 24576:Uc0PyhhGkCI1wUL24jtYkYGbawg757CgXueAgXHMU2MZQti1u8LnsDJY6WpEYGYG:UJ0hsA91MPD21tuuIeNHYGY0LzjsJxK

- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext