General
Target: 8ba72f6128a2970eae6f858d7147f8cea2e08a2a7b6f81c13b56c606266cb6fd
Size: 671KB
Sample: 210921-f7qanabban
MD5: 917f570d9c7371bd27f3d2d33415b791
SHA1: 8e31fb9c65060cbcdb7b9dc77bc361002e606c8f
SHA256: 8ba72f6128a2970eae6f858d7147f8cea2e08a2a7b6f81c13b56c606266cb6fd
SHA512: 30e1cb25a39043800ad5f560781256cda61de151849a335d2e9aa047132e0ebcb1b736a3155d7b90feb625fd6076ca18b473b1d78dec75162b78304e3fae37a5
Static task
static1

Malware Config
Extracted: vidar
Version: 40.8
profile_id: 828
URL: https://pavlovoler.tumblr.com/
The URL is a profile page on a legitimate hosting service that Vidar uses as a dead-drop resolver: the sample fetches this page at runtime and reads the real C2 address out of its contents. The indicator to block or hunt for is therefore this exact profile URL, not the hosting domain, and the C2 address itself is not shown in this static extraction.
Targets
Target: 8ba72f6128a2970eae6f858d7147f8cea2e08a2a7b6f81c13b56c606266cb6fd
Size: 671KB
MD5: 917f570d9c7371bd27f3d2d33415b791
SHA1: 8e31fb9c65060cbcdb7b9dc77bc361002e606c8f
SHA256: 8ba72f6128a2970eae6f858d7147f8cea2e08a2a7b6f81c13b56c606266cb6fd
SHA512: 30e1cb25a39043800ad5f560781256cda61de151849a335d2e9aa047132e0ebcb1b736a3155d7b90feb625fd6076ca18b473b1d78dec75162b78304e3fae37a5
suricata: ET MALWARE Vidar/Arkei Stealer Client Data Upload
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
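Added example, not part of the sandbox report: a small Python script that turns a flattened key/value report like the one above into an IOC record, checks that each digest is well-formed and that the target identifier really is the SHA256, and recomputes all four digests over a candidate file so a collected sample can be matched against the report. The report text embedded in the script is a constructed copy of this page's values; the "Key: value" layout, the record keys and the Version/URL labels are this example's own assumptions, not the sandbox's export format.

```python
import hashlib
import re

# Constructed copy of the report values shown on this page (same digests,
# same config fields); the "Key: value" layout is assumed for parsing.
REPORT = """\
General
Target: 8ba72f6128a2970eae6f858d7147f8cea2e08a2a7b6f81c13b56c606266cb6fd
Size: 671KB
Sample: 210921-f7qanabban
MD5: 917f570d9c7371bd27f3d2d33415b791
SHA1: 8e31fb9c65060cbcdb7b9dc77bc361002e606c8f
SHA256: 8ba72f6128a2970eae6f858d7147f8cea2e08a2a7b6f81c13b56c606266cb6fd
SHA512: 30e1cb25a39043800ad5f560781256cda61de151849a335d2e9aa047132e0ebcb1b736a3155d7b90feb625fd6076ca18b473b1d78dec75162b78304e3fae37a5
Malware Config
Extracted: vidar
Version: 40.8
profile_id: 828
URL: https://pavlovoler.tumblr.com/
Targets
suricata: ET MALWARE Vidar/Arkei Stealer Client Data Upload
suricata: ET MALWARE Vidar/Arkei Stealer Client Data Upload
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
"""

# Expected hex-digest lengths; anything else is a truncated or mangled hash.
HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
HASH_FN = {"MD5": hashlib.md5, "SHA1": hashlib.sha1,
           "SHA256": hashlib.sha256, "SHA512": hashlib.sha512}


def parse_report(text):
    """Flatten 'Key: value' lines and '- signature' lines into one record."""
    rec = {"hashes": {}, "signatures": [], "suricata": []}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("- "):
            rec["signatures"].append(line[2:])
            continue
        key, sep, val = line.partition(":")
        if not sep:
            continue  # section heading such as "General"
        key, val = key.strip(), val.strip()
        if key in HASH_LEN:
            rec["hashes"][key] = val.lower()
        elif key == "suricata":
            if val not in rec["suricata"]:  # the page lists the alert twice
                rec["suricata"].append(val)
        else:
            rec[key.lower()] = val
    return rec


def check_record(rec):
    """Return a list of consistency problems (empty means the record is sane)."""
    problems = []
    for algo, digest in rec["hashes"].items():
        if not re.fullmatch(r"[0-9a-f]{%d}" % HASH_LEN[algo], digest):
            problems.append(f"{algo} digest is not {HASH_LEN[algo]} hex chars")
    # The sandbox names the target by its SHA256; the two must agree.
    if rec.get("target", "").lower() != rec["hashes"].get("SHA256"):
        problems.append("target identifier differs from SHA256")
    return problems


def verify_bytes(data, rec):
    """Recompute every recorded digest over data; True where it matches."""
    return {algo: HASH_FN[algo](data).hexdigest() == digest
            for algo, digest in rec["hashes"].items()}


def iocs(rec):
    """Indicators worth pushing to blocklists or hunting queries."""
    out = [("sha256", rec["hashes"]["SHA256"])]
    if "url" in rec:
        # A profile page on a legitimate service: block/hunt the exact URL,
        # not the hosting domain.
        out.append(("url", rec["url"]))
    for alert in rec["suricata"]:
        out.append(("suricata", alert))
    return out


if __name__ == "__main__":
    record = parse_report(REPORT)
    print(check_record(record) or "record is consistent")
    for kind, value in iocs(record):
        print(f"{kind}: {value}")
    # A file you picked up can be checked against the report like this:
    print(verify_bytes(b"constructed bytes, not the real sample", record))
```

Run it as-is to see the record validated and the indicators listed; to match a real file, read its bytes and pass them to verify_bytes. All four digests should agree for a genuine copy of the sample, and a mismatch on only some of them means the report itself is inconsistent rather than that the file differs.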