General

Target: e11e47533f6e50195aaf9aec171977e79358db0cdae9ce6424af2f6b17d34000
Size: 658KB
Sample: 210921-we4wcacfgn
MD5: 0c37679bea3982ed2ad0c447ea5e4ad6
SHA1: c0e24d4d229a23e122e92c48902e1de7bea5622a
SHA256: e11e47533f6e50195aaf9aec171977e79358db0cdae9ce6424af2f6b17d34000
SHA512: f0deb0fed4cf202de1ec149b110525cf58b52278b8f86884c0f0d9e4e868d4887c52a71546737aacf11cdcccaeef336dc1ac8293e3bc08a808d740a1eda6813a
Static task: static1

Malware Config

Extracted: vidar
- 40.9
- 828
- https://stacenko668.tumblr.com/
- profile_id: 828
Targets

Target: e11e47533f6e50195aaf9aec171977e79358db0cdae9ce6424af2f6b17d34000
Size: 658KB
MD5: 0c37679bea3982ed2ad0c447ea5e4ad6
SHA1: c0e24d4d229a23e122e92c48902e1de7bea5622a
SHA256: e11e47533f6e50195aaf9aec171977e79358db0cdae9ce6424af2f6b17d34000
SHA512: f0deb0fed4cf202de1ec149b110525cf58b52278b8f86884c0f0d9e4e868d4887c52a71546737aacf11cdcccaeef336dc1ac8293e3bc08a808d740a1eda6813a

Signatures
suricata: ET MALWARE Vidar/Arkei Stealer Client Data Upload
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.