General
Target: 8aae3ce902d52430146f97d9f0cf3b5dbdc349e717e01147498263c8cb142fc2
Size: 658KB
Sample: 210921-nz4r3shde2
MD5: 92edb0ce961a8ad1af48c98a5465e6e2
SHA1: 667d32c923b34d482de03020692b0f3f559e1e80
SHA256: 8aae3ce902d52430146f97d9f0cf3b5dbdc349e717e01147498263c8cb142fc2
SHA512: b5efcc5c96fa17575dd8a370aeca30e382023d67e320e734d6bf52bf6ceba7db6f3886f476a08b415f7f0deca8749fdc7a2a3e64c9933724b433c7563795d8af

Static task: static1

Malware Config (Extracted)
Family: vidar
Version: 40.8
Botnet: 828
C2: https://pavlovoler.tumblr.com/
profile_id: 828

Targets
Target: 8aae3ce902d52430146f97d9f0cf3b5dbdc349e717e01147498263c8cb142fc2
Size: 658KB
MD5: 92edb0ce961a8ad1af48c98a5465e6e2
SHA1: 667d32c923b34d482de03020692b0f3f559e1e80
SHA256: 8aae3ce902d52430146f97d9f0cf3b5dbdc349e717e01147498263c8cb142fc2
SHA512: b5efcc5c96fa17575dd8a370aeca30e382023d67e320e734d6bf52bf6ceba7db6f3886f476a08b415f7f0deca8749fdc7a2a3e64c9933724b433c7563795d8af

Signatures
  Vidar Stealer
  Downloads MZ/PE file
  Loads dropped DLL
  Accesses cryptocurrency files/wallets, possible credential harvesting
  Checks installed software on the system
    Looks up Uninstall key entries in the registry to enumerate software on the system.