General
-
Target
0d1b90fe0d15d06bb13a55b5f48e5b399b92409a12f58a7b9cee45baec7d7292
-
Size
658KB
-
Sample
210921-vjhm8scfdp
-
MD5
eac24b8bf0c94b7cbd8cba5a70dec43b
-
SHA1
8815ae71867818ba387abe039568371143516ebd
-
SHA256
0d1b90fe0d15d06bb13a55b5f48e5b399b92409a12f58a7b9cee45baec7d7292
-
SHA512
944f032159c91275f4d7fa6f5e7745ab37e7e5201126771565a98ff177a0ee9f36b87069337658dff50d45f0fe329c82eb4db49817dc84915cb923a40fadce92
Static task
static1
Malware Config
Extracted
vidar
40.9
828
https://stacenko668.tumblr.com/
-
profile_id
828
Targets
-
suricata: ET MALWARE Vidar/Arkei Stealer Client Data Upload
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-