General

Target: d280f05ac0d8cc0981dd870754c36f34e8377b82dcf797d545acc386e9139bd0
Size: 712KB
Sample: 210922-1jtcmageel
MD5: 85f2d863b1bc12b0d983e3ec52fb9ecc
SHA1: 942047568f1b9ed0246635f872bc9186ce2d56e0
SHA256: d280f05ac0d8cc0981dd870754c36f34e8377b82dcf797d545acc386e9139bd0
SHA512: 5a3263e4cec1de9c88134654ed34b30cc117797d0a10a723d6600bf574e67e4f545e1951e85e741af1c15e07fff52053041ebac98a6264514102cf0af42e29a8
Static task: static1
Malware Config

Extracted
Family: vidar
Version: 40.9
Botnet: 828
C2: https://stacenko668.tumblr.com/
profile_id: 828

The Tumblr URL is the dead-drop resolver, not the collection server: Vidar builds of this generation fetch a social-media profile page and read the address of the real C2 from the page contents. The profile host is therefore the network indicator to hunt for in proxy and DNS logs, and the address it resolves to can change without the sample changing.
Targets

Target: d280f05ac0d8cc0981dd870754c36f34e8377b82dcf797d545acc386e9139bd0 (712KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
suricata: ET MALWARE Vidar/Arkei Stealer Client Data Upload (fires on the upload of the collected data to the C2, so a hit means collection on the host has already taken place)

- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry (the per-application subkeys under SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall in HKLM, the WOW6432Node view, and HKCU) to enumerate software on the system. Registry reads are not logged by default, so this step is better confirmed from the sandbox trace than from endpoint telemetry.
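As an added example (not part of the report, and not code from the sandbox or from the sample), the following Python IOC sweep takes the hashes and the dead-drop URL listed above and checks file contents and proxy log lines against them. The proxy log lines and the file bytes it runs over are constructed for the demonstration; the host regex and the chunked file hashing are the author's assumptions about how a practitioner would consume these indicators.

```python
import hashlib
import re
from urllib.parse import urlparse

# Indicators transcribed from the report above.
REPORT_HASHES = {
    "md5": "85f2d863b1bc12b0d983e3ec52fb9ecc",
    "sha1": "942047568f1b9ed0246635f872bc9186ce2d56e0",
    "sha256": "d280f05ac0d8cc0981dd870754c36f34e8377b82dcf797d545acc386e9139bd0",
    "sha512": "5a3263e4cec1de9c88134654ed34b30cc117797d0a10a723d6600bf574e67e4f"
              "545e1951e85e741af1c15e07fff52053041ebac98a6264514102cf0af42e29a8",
}
REPORT_C2_URLS = ["https://stacenko668.tumblr.com/"]

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")
# Hostname token: one or more dot-separated labels followed by a TLD of two or more letters.
HOST_RE = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.IGNORECASE)


def build_hash_iocs(hashes):
    """Map algorithm -> set of lowercase hex digests (one digest or a list per algorithm)."""
    iocs = {}
    for alg, value in hashes.items():
        values = [value] if isinstance(value, str) else value
        iocs[alg.lower()] = {v.lower() for v in values}
    return iocs


def build_host_iocs(urls):
    """Reduce C2 URLs to exact hostnames: the per-campaign profile host, not all of tumblr.com."""
    return {urlparse(u).hostname.lower() for u in urls}


def digests(data):
    """Compute the four digests the report lists for an in-memory byte string."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def match_bytes(data, hash_iocs):
    """Return (algorithm, digest) for the first hash IOC the content matches, else None."""
    for alg, value in digests(data).items():
        if value in hash_iocs.get(alg, set()):
            return alg, value
    return None


def match_file(path, hash_iocs, chunk_size=1 << 20):
    """Same check for a file on disk, hashing in chunks so large files are not read whole."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    for alg, h in hashers.items():
        value = h.hexdigest()
        if value in hash_iocs.get(alg, set()):
            return alg, value
    return None


def match_log_line(line, host_iocs):
    """Return the matched C2 hostname if the log line references one, else None."""
    for host in HOST_RE.findall(line):
        if host.lower() in host_iocs:
            return host.lower()
    return None


def scan_log(lines, host_iocs):
    """Return (line_number, host) pairs for every line that references a C2 host."""
    hits = []
    for number, line in enumerate(lines, start=1):
        host = match_log_line(line, host_iocs)
        if host:
            hits.append((number, host))
    return hits


# Constructed proxy log lines for the demonstration (not taken from the sandbox run).
SAMPLE_PROXY_LOG = [
    "2021-09-22T10:14:03Z 10.0.0.17 GET https://www.microsoft.com/ 200",
    "2021-09-22T10:14:05Z 10.0.0.17 GET https://stacenko668.tumblr.com/ 200",
    "2021-09-22T10:14:06Z 10.0.0.17 CONNECT STACENKO668.tumblr.com:443 200",
]

if __name__ == "__main__":
    hash_iocs = build_hash_iocs(REPORT_HASHES)
    host_iocs = build_host_iocs(REPORT_C2_URLS)
    print("log hits:", scan_log(SAMPLE_PROXY_LOG, host_iocs))
    print("constructed benign bytes:", match_bytes(b"MZ constructed benign content", hash_iocs))
```

Both indicator types are sample-specific: a repacked build changes every hash, and the dead-drop profile is replaced per campaign, so treat a match as a confirmation of this exact sample rather than as coverage for the Vidar family.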