General
- Target: 1989c023d3874d8a6cd562e5aa331ffb6284156ca73a9173222560fed1409cac
- Size: 661KB
- Sample: 210921-x2l5gsadc2
- MD5: 4a7841c3a287bfb6ae062413f37b5e7b
- SHA1: 82c28cd9968fc582c3145903deca49a1e8f8c1b9
- SHA256: 1989c023d3874d8a6cd562e5aa331ffb6284156ca73a9173222560fed1409cac
- SHA512: 39058f401ea5f72a931e31af498e6172914312c9d6b3fae4f85f54adfee16ff6415d1247c227870e7d2eda60ee1f7d93c4de6677dbb99e83aec76aa931df6fb6
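Before re-analysing a sample pulled from another source it is worth confirming it is the same file as the one this report describes. The following is an added example, not part of the report: it embeds the four digests listed above and checks a file (or an in-memory buffer) against all of them in a single chunked pass. The helper names are my own.

```python
import hashlib
import io

# Digests copied from the General section of this report (sample 210921-x2l5gsadc2).
REPORTED = {
    "md5": "4a7841c3a287bfb6ae062413f37b5e7b",
    "sha1": "82c28cd9968fc582c3145903deca49a1e8f8c1b9",
    "sha256": "1989c023d3874d8a6cd562e5aa331ffb6284156ca73a9173222560fed1409cac",
    "sha512": "39058f401ea5f72a931e31af498e6172914312c9d6b3fae4f85f54adfee16ff6415d1247c227870e7d2eda60ee1f7d93c4de6677dbb99e83aec76aa931df6fb6",
}


def digest_stream(stream, algorithms, chunk_size=1 << 20):
    """Compute every requested digest in one pass over the stream.

    Chunked so a large sample never has to be read into memory whole.
    """
    hashers = {name: hashlib.new(name) for name in algorithms}
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify_stream(stream, expected=REPORTED):
    """Return {algorithm: matched} for each algorithm present in expected.

    Comparison is case-insensitive on the expected side, since reports
    and feeds disagree on hex case.
    """
    actual = digest_stream(stream, expected)
    return {name: actual[name] == value.lower() for name, value in expected.items()}


def verify_bytes(data, expected=REPORTED):
    """Same check for a buffer already in memory (e.g. a sandbox download)."""
    return verify_stream(io.BytesIO(data), expected)


def verify_file(path, expected=REPORTED):
    with open(path, "rb") as f:
        return verify_stream(f, expected)


def mismatches(result):
    """Algorithms that did not match; empty means this is the reported sample."""
    return [name for name, ok in result.items() if not ok]


if __name__ == "__main__":
    import sys
    outcome = verify_file(sys.argv[1])
    bad = mismatches(outcome)
    print("match" if not bad else "MISMATCH on " + ", ".join(bad))
```

A partial match (for example MD5 and SHA1 agree but SHA256 does not) is itself a finding worth noting, since it would indicate a deliberately constructed collision rather than a different file; in practice all four should agree or all four should differ.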
Static task
static1
Malware Config
Extracted (family: vidar)
- Version: 40.9
- Profile: 828
- C2 (profile URL): https://stacenko668.tumblr.com/
- profile_id: 828
Note: Vidar does not embed its panel address directly. The URL above is a dead-drop resolver: at run time the sample fetches that profile page and reads the live C2 address out of it. The real C2 therefore has to be recovered dynamically or from a network capture; it is not present in this static configuration, and the tumblr profile may be rotated independently of the sample.
Targets
- Target: 1989c023d3874d8a6cd562e5aa331ffb6284156ca73a9173222560fed1409cac (661KB; same sample as in General, hashes identical)
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
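The three behavioural signatures above (installed-software enumeration via the Uninstall key, wallet file access, and loading a DLL the process itself dropped) are each simple to express as rules over a process trace. The following is an added example, not code from the sandbox or from this report: a small detector run over a constructed trace. The event shape, PIDs and paths are constructed to resemble a Vidar run; the wallet locations are typical stealer targets and are assumptions, not values extracted from this sample.

```python
"""Toy behavioural triage over a constructed process trace (added example)."""
import re
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    pid: int
    kind: str      # "reg_query", "file_read", "file_create" or "image_load"
    target: str    # registry path, file path or loaded image path


# Key that installers populate; walking many of its subkeys in one process
# is the "Checks installed software" behaviour.
UNINSTALL_KEY = "\\microsoft\\windows\\currentversion\\uninstall\\"

# Wallet locations (assumed, typical stealer targets), matched case-insensitively.
WALLET_PATTERNS = [re.compile(p, re.IGNORECASE) for p in (
    r"\\exodus\\exodus\.wallet\\",
    r"\\electrum\\wallets\\",
    r"\\ethereum\\keystore\\",
    r"\\atomic\\local storage\\leveldb\\",
    r"\\wallet\.dat$",
)]


def enumerates_installed_software(events, min_entries=5):
    """PIDs that query at least min_entries distinct Uninstall subkeys.

    The threshold keeps a control-panel applet reading one product's
    DisplayName from firing; a stealer walks the whole key.
    """
    seen = defaultdict(set)
    for e in events:
        if e.kind != "reg_query":
            continue
        low = e.target.lower()
        idx = low.find(UNINSTALL_KEY)
        if idx == -1:
            continue
        subkey = low[idx + len(UNINSTALL_KEY):].split("\\", 1)[0]
        if subkey:
            seen[e.pid].add(subkey)
    return {pid for pid, keys in seen.items() if len(keys) >= min_entries}


def accesses_wallet_files(events):
    """Map pid -> set of wallet paths the process read."""
    hits = defaultdict(set)
    for e in events:
        if e.kind == "file_read" and any(p.search(e.target) for p in WALLET_PATTERNS):
            hits[e.pid].add(e.target)
    return dict(hits)


def loads_dropped_dll(events):
    """Map pid -> DLLs the same process wrote to disk earlier in the trace.

    Order matters: only a load that follows the create counts as "dropped".
    """
    created = defaultdict(set)
    fired = defaultdict(set)
    for e in events:
        low = e.target.lower()
        if e.kind == "file_create" and low.endswith(".dll"):
            created[e.pid].add(low)
        elif e.kind == "image_load" and low in created[e.pid]:
            fired[e.pid].add(e.target)
    return dict(fired)


def triage(events):
    """Map pid -> list of signature names that fired, in report order."""
    verdict = defaultdict(list)
    for pid in enumerates_installed_software(events):
        verdict[pid].append("Checks installed software on the system")
    for pid in accesses_wallet_files(events):
        verdict[pid].append("Accesses cryptocurrency files/wallets")
    for pid in loads_dropped_dll(events):
        verdict[pid].append("Loads dropped DLL")
    return dict(verdict)


UNINST = "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\"
ROAMING = "C:\\Users\\alice\\AppData\\Roaming\\"

# Constructed trace: PID 4120 behaves like the stealer, PID 900 is a benign control.
SAMPLE_EVENTS = [
    *(Event(4120, "reg_query", UNINST + s + "\\DisplayName")
      for s in ("7-Zip", "Google Chrome", "Mozilla Firefox", "Notepad++", "VLC media player")),
    Event(4120, "file_create", "C:\\ProgramData\\nss3.dll"),
    Event(4120, "file_create", "C:\\ProgramData\\freebl3.dll"),
    Event(4120, "image_load", "C:\\ProgramData\\nss3.dll"),
    Event(4120, "image_load", "C:\\ProgramData\\freebl3.dll"),
    Event(4120, "file_read", ROAMING + "Exodus\\exodus.wallet\\seed.seco"),
    Event(4120, "file_read", ROAMING + "Electrum\\wallets\\default_wallet"),
    Event(4120, "file_read", ROAMING + "Bitcoin\\wallet.dat"),
    Event(900, "reg_query", UNINST + "7-Zip\\DisplayName"),
    Event(900, "reg_query", UNINST + "7-Zip\\DisplayVersion"),
    Event(900, "image_load", "C:\\Windows\\System32\\kernel32.dll"),
]

if __name__ == "__main__":
    for pid, sigs in triage(SAMPLE_EVENTS).items():
        print(pid, sigs)
```

The Uninstall-key rule is the one most prone to false positives, since inventory agents and installers legitimately read it; correlating it with wallet access or a self-dropped DLL in the same process, as `triage` does, is what gives the combination its weight.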