General
- Target: 81861b02093feeaf007811223816762bff0324a979538f66e467216f6dd4b196
- Size: 1.7MB
- Sample: 240705-hdjxwstfjm
- MD5: 99b27546f8f1e6f68d0afe0687f368ce
- SHA1: 92efc9ff0cfe7b961119684165bb87f4d213c286
- SHA256: 81861b02093feeaf007811223816762bff0324a979538f66e467216f6dd4b196
- SHA512: 8657674892a69ecd232e977c12ae19d2450543a191c1ef54e3a7655bdf9dd2650fb656716d91a40cac7697a57faf1f9366c043594b9b1e922c08242fe0b4ae8f
- SSDEEP: 24576:UBqWKKYMPEVVYzMPkYHXANYksiZArxliP4OTomFu5Xxth9:UyM8VV8W5aYRi2lpYu5XxZ
Static task: static1
Behavioral task: behavioral1
Sample: 81861b02093feeaf007811223816762bff0324a979538f66e467216f6dd4b196.exe
Resource: win10v2004-20240704-en
Malware Config
Extracted: vidar
- https://t.me/bu77un
- https://steamcommunity.com/profiles/76561199730044335
- user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.1) Gecko/20100101 Firefox/128.1
Targets
- Target: 81861b02093feeaf007811223816762bff0324a979538f66e467216f6dd4b196
- Size: 1.7MB
- MD5: 99b27546f8f1e6f68d0afe0687f368ce
- SHA1: 92efc9ff0cfe7b961119684165bb87f4d213c286
- SHA256: 81861b02093feeaf007811223816762bff0324a979538f66e467216f6dd4b196
- SHA512: 8657674892a69ecd232e977c12ae19d2450543a191c1ef54e3a7655bdf9dd2650fb656716d91a40cac7697a57faf1f9366c043594b9b1e922c08242fe0b4ae8f
- SSDEEP: 24576:UBqWKKYMPEVVYzMPkYHXANYksiZArxliP4OTomFu5Xxth9:UyM8VV8W5aYRi2lpYu5XxZ
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext