General
-
Target
39ad4be2a917c52a8e8579c11f031613001120002000b66fa633f5bb4afa9136
-
Size
711KB
-
Sample
210922-2fhbmaeab5
-
MD5
e4e77049aa7a9db6f860568b7ba14d03
-
SHA1
b29eaef3ace3eee05f62c61c7b4298e544e77bcd
-
SHA256
39ad4be2a917c52a8e8579c11f031613001120002000b66fa633f5bb4afa9136
-
SHA512
9ec124b4ab18ef75b81ed0a7e7ffcceca946ba1d6862ce3f3596ed5ee6e074a57664fda9b03a8de7729eb91907e6159c8468dcafd1c50f9cad3b3b1217eaa580
Static task
static1
Malware Config
Extracted
vidar
40.9
828
https://stacenko668.tumblr.com/
-
profile_id
828
Targets
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-