General
-
Target
7504bef3a7d40256b34de5c4e1f9e5a6ff1eb26b3e278a767b5b261ee4f94c20
-
Size
733KB
-
Sample
210922-h6seqsbhd3
-
MD5
52d7ca3a74feb37377520d77b24578e4
-
SHA1
49c29ea95f04414664a81cf9855370273d9ee08b
-
SHA256
7504bef3a7d40256b34de5c4e1f9e5a6ff1eb26b3e278a767b5b261ee4f94c20
-
SHA512
ef54b43ff40610f331840842f42ebe8f84d39ee7b00b321862fd30880d2e79d71ca1431f88aa9746e383d1ebf79391345145e3c5799954e66fa75ed1f6a6b051
Static task
static1
Malware Config
Extracted
vidar
40.9
828
https://stacenko668.tumblr.com/
-
profile_id
828
Targets
-
-
Target
7504bef3a7d40256b34de5c4e1f9e5a6ff1eb26b3e278a767b5b261ee4f94c20
-
Size
733KB
-
MD5
52d7ca3a74feb37377520d77b24578e4
-
SHA1
49c29ea95f04414664a81cf9855370273d9ee08b
-
SHA256
7504bef3a7d40256b34de5c4e1f9e5a6ff1eb26b3e278a767b5b261ee4f94c20
-
SHA512
ef54b43ff40610f331840842f42ebe8f84d39ee7b00b321862fd30880d2e79d71ca1431f88aa9746e383d1ebf79391345145e3c5799954e66fa75ed1f6a6b051
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-