General
Target: 157ca4763112b970f2c1c5b46df8fec359c950cc7dd233bc76caa6459c1203c3
Size: 671KB
Sample: 210921-hzx2msbcgr
MD5: 79443e5a879cb2155d27f43ad8c3f77c
SHA1: c532948c0d97206dc46734f4f84d110b085f8544
SHA256: 157ca4763112b970f2c1c5b46df8fec359c950cc7dd233bc76caa6459c1203c3
SHA512: 304ebbf190b7eb4f94b95d152368b6b694f374641cfb4a0063b3a6f4edac162a2997e98bfbdfe6db73d4329fb0fbbc26b7f7380418fde0ec1a59687583f61c91
Static task: static1
Malware Config
Extracted: vidar
40.8
828
https://pavlovoler.tumblr.com/
profile_id: 828
Targets
Target: 157ca4763112b970f2c1c5b46df8fec359c950cc7dd233bc76caa6459c1203c3
Size: 671KB
Signatures
- suricata: ET MALWARE Vidar/Arkei Stealer Client Data Upload
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.