General
- Target: 5f7cedcd99f028990d68133282ddcfdf6b5b62d3d2cda98a3e341eed95abedf2
- Size: 657KB
- Sample: 210921-nmp36acacq
- MD5: 8a1393f14cf7decacde39d8a4d5f037b
- SHA1: d8482cf249220fe7c9a46398c40ac5298761c11c
- SHA256: 5f7cedcd99f028990d68133282ddcfdf6b5b62d3d2cda98a3e341eed95abedf2
- SHA512: a46bc6109df06d965897b61556442bbf3a6da55c22beb14ca84f07e7b6e760f7e5b9c0ab2387a397ece32f463dbf769c56fe3f4841f1ae80f04453451ea89fe0
Static task
- static1
Malware Config
Extracted
- vidar
- 40.8
- 828
- https://pavlovoler.tumblr.com/
- profile_id: 828
Targets
- suricata: ET MALWARE Vidar/Arkei Stealer Client Data Upload
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.