General
Target: 8b61380fc1b110acd37001c589a777f35b267bc1c14c1bf5bf9dc418a6034287
Size: 661KB
Sample: 210921-yd85saadh3
MD5: d3233b9e81f73a1cea2c59ad0f75fd20
SHA1: 82e20d831391eb51b17777eab44db02d13089f02
SHA256: 8b61380fc1b110acd37001c589a777f35b267bc1c14c1bf5bf9dc418a6034287
SHA512: 6b6526a3a8c1187cbfbde4cfe00fac50d0ecfccc8d7b13993915ac624428af3a4a587f4696ce420e79ecdfd7801357905153c8c98aab3551a6c364ba6aff7372
Static task
static1
Malware Config
Extracted
vidar
40.9
828
https://stacenko668.tumblr.com/
profile_id: 828
Targets
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.