General
- Target: 0b46441a4c6316b2bcb9aa309cc155bd01c26ed9d7a9e58ae3db70e0acb2b9d1
- Size: 658KB
- Sample: 210921-ttll7saaa3
- MD5: 858ef0509c4d75e3aaf27d3ec4fdf4e8
- SHA1: 2a9c3b0027b1dc7304cc164bf34ab80fc9acbd31
- SHA256: 0b46441a4c6316b2bcb9aa309cc155bd01c26ed9d7a9e58ae3db70e0acb2b9d1
- SHA512: d3e4de6dcb4e51cac03b23b19fc06cde33f99a6408988f31f6e10fadd4e841a0648f3002d50bf8465f261a8f2942c8d642bdcf06ef36801434dcfd4974d44170
Static task
- static1

Malware Config
Extracted
- vidar
- 40.9
- 828
- https://stacenko668.tumblr.com/
- profile_id: 828
Targets
- Target: 0b46441a4c6316b2bcb9aa309cc155bd01c26ed9d7a9e58ae3db70e0acb2b9d1 (same file and hashes as listed under General)
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.