General
  Target: file5.exe
  Size: 1.7MB
  Sample: 210908-jt2y3sead9
  MD5: a70b82151e35e0ff675745edeba1143f
  SHA1: 5e7e466b04782a33ade1c85bd5d18f2c181e2e28
  SHA256: ff4304e357cb5bfd79bb6f3b573298bdc348a19ba5fbb5250e54218e33a36593
  SHA512: f08038d4d1361acd3cfc983f12fab55390fc85970fda13709915a4d277a20d24dee14782ed571dbaf6bd9440500428167c607d9852d7071788edca593e741cf0
Static task: static1
Behavioral task: behavioral1 (Sample: file5.exe, Resource: win7-en)
Behavioral task: behavioral2 (Sample: file5.exe, Resource: win10-en)
Malware Config
  Extracted: vidar 40.5
  profile_id: 921
  https://gheorghip.tumblr.com/
Targets
  Target: file5.exe
  Score: 10/10
  Signatures:
    Vidar Stealer
    Downloads MZ/PE file
    Executes dropped EXE
    Drops startup file
    Loads dropped DLL
    Adds Run key to start application
    Suspicious use of SetThreadContext