General
Target: 588d2e6006a25d7774b4ae702841451047dd79c20c3f35bbb1260182f65c4a15
Size: 700KB
Sample: 210921-3v6hfaage9
MD5: 861f9b74fd5fad95a95ea1c1d043f814
SHA1: b5bef76b307e2f0efb3b6df0f075d8e341de1f27
SHA256: 588d2e6006a25d7774b4ae702841451047dd79c20c3f35bbb1260182f65c4a15
SHA512: 44ff53f03e877c20972cd2faffc4f260584e5ef2977fa4036a33f013e76dffba21fad0f17c78f8d582bdb2ecfb84f4e5afcce1490486a6028d9c5de26a866827
Static task: static1
Malware Config
Extracted:
vidar
40.9
828
https://stacenko668.tumblr.com/
profile_id: 828
Targets
Target: 588d2e6006a25d7774b4ae702841451047dd79c20c3f35bbb1260182f65c4a15
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.