General
- Target: bd530072919bc000889d2f5408d012148a224bb741e5ad6809b2442622904e3d
- Size: 658KB
- Sample: 210921-r76heshha2
- MD5: 8e297c458bdd0f4f8081a872746c8b03
- SHA1: 1d989123e5ce49835d424f52ba6336cc865ff276
- SHA256: bd530072919bc000889d2f5408d012148a224bb741e5ad6809b2442622904e3d
- SHA512: b99e1e9094ada86df9cbbafc66eefc1dbc2315dc2d5dadb688b8f2cbcb909e55dc0c6633f7d857363e70076105b34186881a3566172ef08c281eb384d17bfa6e
Static task
- static1
Malware Config
Extracted
- vidar
- 40.8
- 828
- https://pavlovoler.tumblr.com/
- profile_id: 828
Targets
- Target: bd530072919bc000889d2f5408d012148a224bb741e5ad6809b2442622904e3d
- Size: 658KB
- MD5: 8e297c458bdd0f4f8081a872746c8b03
- SHA1: 1d989123e5ce49835d424f52ba6336cc865ff276
- SHA256: bd530072919bc000889d2f5408d012148a224bb741e5ad6809b2442622904e3d
- SHA512: b99e1e9094ada86df9cbbafc66eefc1dbc2315dc2d5dadb688b8f2cbcb909e55dc0c6633f7d857363e70076105b34186881a3566172ef08c281eb384d17bfa6e
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.