General
- Target: 682c644326167c253b50d2fcbf24b7fc.exe
- Size: 734KB
- Sample: 210922-pabknsfagl
- MD5: 682c644326167c253b50d2fcbf24b7fc
- SHA1: ae809a29b5d0909f4daab6910f335ed7361c45c3
- SHA256: 50df8bab92dde00cb1692a804ea9e71f9827b7cf50f12ab0b0d33414dbd70bfe
- SHA512: 9892860efb2408159c2aeebe2a9ad4ad0c407c87dc616641a63b9b224cd7a9ccbe34e29fdbc964364f27946ea48e0e1bdec2bf7fc8ad8bfff67d1efcec76c1b7
Static task: static1
Behavioral task: behavioral1
- Sample: 682c644326167c253b50d2fcbf24b7fc.exe
- Resource: win7-en-20210920
Malware Config (extracted)
- Family: vidar
- Version: 40.9
- Botnet: 828
- C2: https://stacenko668.tumblr.com/
- profile_id: 828
Targets
- Target: 682c644326167c253b50d2fcbf24b7fc.exe (734KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
- suricata: ET MALWARE Vidar/Arkei Stealer Client Data Upload
- Vidar Stealer
- Downloads MZ/PE file
- Deletes itself
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.