General
-
Target
201b9ae09934efbe33dd9ac919d1a6600cdf336bf60ea50c8d2078caed49dfe3
-
Size
739KB
-
Sample
210912-shffdacdc9
-
MD5
3ccf44c470e00c5f42ca53044a0609ab
-
SHA1
66f43a87c7166f1c7a82460543847fc50b195313
-
SHA256
201b9ae09934efbe33dd9ac919d1a6600cdf336bf60ea50c8d2078caed49dfe3
-
SHA512
0ab7e80263f96329351bb45b23351e77f38ca6588bc62102f782c788d7908789a7cc6e2778b722afecd15dcdbce16adc4dd534dfcbfa43fb2a4c9a5c3aeab6d8
Static task
static1
Malware Config
Extracted
vidar
40.5
824
https://gheorghip.tumblr.com/
-
profile_id
824
Targets
-
Target
201b9ae09934efbe33dd9ac919d1a6600cdf336bf60ea50c8d2078caed49dfe3
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-