General
Target: eufive_20210913-120522
Size: 752KB
Sample: 210913-m5f3jadeb7
MD5: ba7db9acdc44166d02b2da06cac656fc
SHA1: 0e1c30a40b73e38553e0b9cda546eb60cbab53cf
SHA256: ee7d47b978a00def7f9e9263ab96b5e92ff1eefb1e9bef8021338a70b7708f7a
SHA512: 75f713cf1a1edc9f9b499d21e390c6d475c374cccf9a046068d5abdc94d4d0805ce8b087acad748eb78fecb274dc171a299083a807ee6024bf42b4289708dd32
Static task: static1
Behavioral task: behavioral1
Sample: eufive_20210913-120522.exe
Resource: win7-en
Malware Config
Extracted: vidar
40.5
865
https://gheorghip.tumblr.com/
profile_id: 865
Targets
Target: eufive_20210913-120522
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.