General
Target: 544f19b452e7b29fe8b34c05171108ad72cbd313303ffb97c183b6626d3029a5
Size: 700KB
Sample: 210921-2l4f2sddgl
MD5: 23b00fbcba2b4d9785a8588bf54207ab
SHA1: 5894e7e0486e0c3e0d167663aae2486e526a6dc7
SHA256: 544f19b452e7b29fe8b34c05171108ad72cbd313303ffb97c183b6626d3029a5
SHA512: 3a521589238e589c07e178eb24bfc9ec146db9a965b20e2fb0edb4653a676e2b66cd346898cdcc0d477ac1d8c4a3573e25df33e416ff19a6ccd6899567c21442
Static task: static1
Malware Config (extracted)
Family: vidar
Version: 40.9
Botnet: 828
C2: https://stacenko668.tumblr.com/
profile_id: 828
Targets
Target: 544f19b452e7b29fe8b34c05171108ad72cbd313303ffb97c183b6626d3029a5 (the same 700KB file described under General; hashes as listed there)
Behaviors flagged for this target:
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.