General
Target: ea7f6013e71c2ecde5588fbd588d450e1348668a48c54cf810091e78fcf94284
Size: 711KB
Sample: 210922-skte1sdba5
MD5: 40d2119bc2531af6fabfd6bdc365d6b0
SHA1: de4666a2f580269603c34d9f2f9ed2e774a18168
SHA256: ea7f6013e71c2ecde5588fbd588d450e1348668a48c54cf810091e78fcf94284
SHA512: 82e04c5afaa678c152a485c558a8327efc7bf1c22a50c603923f5b5c156ede48a3c6a01b2805b044f1b2292c447e47396a6c2f6c451e32927130d41f36868fd9
Static task
static1
Malware Config
Extracted
vidar
40.9
828
https://stacenko668.tumblr.com/
profile_id: 828
Targets
Target: ea7f6013e71c2ecde5588fbd588d450e1348668a48c54cf810091e78fcf94284
Size: 711KB
MD5: 40d2119bc2531af6fabfd6bdc365d6b0
SHA1: de4666a2f580269603c34d9f2f9ed2e774a18168
SHA256: ea7f6013e71c2ecde5588fbd588d450e1348668a48c54cf810091e78fcf94284
SHA512: 82e04c5afaa678c152a485c558a8327efc7bf1c22a50c603923f5b5c156ede48a3c6a01b2805b044f1b2292c447e47396a6c2f6c451e32927130d41f36868fd9
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.