General
Target: 50b638e989d84d747c67bb12e1383c03ac4ec2b088c19d907491709443348656
Size: 658KB
Sample: 210921-s4p7pshhe7
MD5: 5db29e87091c6c881f4b172400082a21
SHA1: 093768b94033ca5a3a2a4d7ec1527fb38653d78c
SHA256: 50b638e989d84d747c67bb12e1383c03ac4ec2b088c19d907491709443348656
SHA512: b087aa2741612f240531c2d93d40610260dff50a81f6d4d10f1a82c1311d8522199b123b3a887f0231b05b74b8df4b195ee59eaf62f52bf0ca7f8f114ad6f1fc
Static task: static1
Malware Config
Extracted: vidar
  40.9
  828
  https://stacenko668.tumblr.com/
  profile_id: 828
Targets
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.