General

Target: 43d95bb5fc9f7c5da5900a162e422563904366380e812aeaf1fc8b15a2a0770b
Size: 711KB
Sample: 210922-wl5ffsfhcn
MD5: 1f43a7bc2dff37d945223625a7e0110e
SHA1: 8bdfe34f110ffc14af55d5ae7fc556e181712db9
SHA256: 43d95bb5fc9f7c5da5900a162e422563904366380e812aeaf1fc8b15a2a0770b
SHA512: b9da088c5a20ec41b6b1f0b18e668cf8d3f0c5baef2720a58dd684f3070740e743fae09a4cf31501e55e3d282dd837700016ea3269ac6d796f1215279b558a19
Static task: static1

Malware Config

Extracted
Family: vidar
Version: 40.9
Botnet: 828
C2: https://stacenko668.tumblr.com/
profile_id: 828
Targets

Target: 43d95bb5fc9f7c5da5900a162e422563904366380e812aeaf1fc8b15a2a0770b
Size: 711KB
MD5: 1f43a7bc2dff37d945223625a7e0110e
SHA1: 8bdfe34f110ffc14af55d5ae7fc556e181712db9
SHA256: 43d95bb5fc9f7c5da5900a162e422563904366380e812aeaf1fc8b15a2a0770b
SHA512: b9da088c5a20ec41b6b1f0b18e668cf8d3f0c5baef2720a58dd684f3070740e743fae09a4cf31501e55e3d282dd837700016ea3269ac6d796f1215279b558a19
- suricata: ET MALWARE Vidar/Arkei Stealer Client Data Upload
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate software on the system. Note that these are registry reads, so Sysmon registry events (which cover value sets, key creation and deletion) will not record this enumeration.
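As an added example that is not part of this sandbox report or its tooling, the script below turns the indicators above (the three file hashes, the C2 URL and the Suricata signature name) into a sweep over line-oriented JSON logs. The log records it runs on are constructed here for illustration; the first four use Suricata EVE field names (event_type, alert.signature, http.hostname, tls.sni, fileinfo.sha256), and the fifth is a simplified, assumed shape for a JSON-exported Sysmon process-creation event carrying its "Hashes" string. Everything else in the block is standard-library Python.

```python
"""IOC sweep built from the Vidar report above.

Added example: this is not part of the sandbox report or its tooling.
The indicators are copied from the report; the log records below are
constructed for illustration and do not come from a real network.
"""
import json
from urllib.parse import urlsplit

# Indicators copied from the report.
SAMPLE_SHA256 = "43d95bb5fc9f7c5da5900a162e422563904366380e812aeaf1fc8b15a2a0770b"
SAMPLE_SHA1 = "8bdfe34f110ffc14af55d5ae7fc556e181712db9"
SAMPLE_MD5 = "1f43a7bc2dff37d945223625a7e0110e"
C2_URL = "https://stacenko668.tumblr.com/"
SURICATA_SIG = "ET MALWARE Vidar/Arkei Stealer Client Data Upload"

HASH_IOCS = {SAMPLE_SHA256, SAMPLE_SHA1, SAMPLE_MD5}
# Match the exact hostname: the C2 is a profile on a legitimate blogging
# host, so matching on "tumblr.com" alone would flag ordinary traffic.
C2_HOST = urlsplit(C2_URL).hostname.lower()

# Constructed records (assumption: one JSON object per line). The first
# four use Suricata EVE field names; the fifth is a simplified JSON export
# of a Sysmon process-creation event with its "Hashes" string.
SAMPLE_LOG = r"""
{"event_type":"alert","src_ip":"10.0.0.5","dest_ip":"192.0.2.10","alert":{"signature":"ET MALWARE Vidar/Arkei Stealer Client Data Upload","severity":1}}
{"event_type":"http","src_ip":"10.0.0.5","dest_ip":"192.0.2.20","http":{"hostname":"stacenko668.tumblr.com","url":"/","http_method":"GET"}}
{"event_type":"tls","src_ip":"10.0.0.9","dest_ip":"192.0.2.20","tls":{"sni":"www.tumblr.com"}}
{"event_type":"fileinfo","src_ip":"10.0.0.7","dest_ip":"192.0.2.30","fileinfo":{"filename":"/update.exe","sha256":"43d95bb5fc9f7c5da5900a162e422563904366380e812aeaf1fc8b15a2a0770b"}}
{"Computer":"WS-12","EventID":1,"Image":"C:\\Users\\u\\AppData\\Local\\Temp\\update.exe","Hashes":"SHA256=43D95BB5FC9F7C5DA5900A162E422563904366380E812AEAF1FC8B15A2A0770B,MD5=1F43A7BC2DFF37D945223625A7E0110E"}
this line is not JSON and must be skipped, not crash the sweep
"""


def iter_events(lines):
    """Yield parsed JSON objects, skipping blank or malformed lines."""
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            obj = json.loads(line)
        except json.JSONDecodeError:
            continue
        if isinstance(obj, dict):
            yield obj


def event_hashes(ev):
    """Collect lowercase file hashes from an EVE fileinfo block or a Sysmon Hashes string."""
    found = set()
    fileinfo = ev.get("fileinfo") or {}
    for key in ("md5", "sha1", "sha256"):
        if fileinfo.get(key):
            found.add(fileinfo[key].lower())
    # Sysmon writes "SHA256=...,MD5=..."; normalise case so it compares to the report.
    for part in (ev.get("Hashes") or "").split(","):
        if "=" in part:
            found.add(part.split("=", 1)[1].strip().lower())
    return found


def match_event(ev):
    """Return a list of (indicator_type, value) hits for one record."""
    hits = []
    if ev.get("event_type") == "alert":
        if (ev.get("alert") or {}).get("signature") == SURICATA_SIG:
            hits.append(("suricata", SURICATA_SIG))
    host = ((ev.get("http") or {}).get("hostname") or "").lower()
    if host == C2_HOST:
        hits.append(("c2_host", host))
    sni = ((ev.get("tls") or {}).get("sni") or "").lower()
    if sni == C2_HOST:
        hits.append(("c2_sni", sni))
    for digest in sorted(event_hashes(ev)):
        if digest in HASH_IOCS:
            hits.append(("hash", digest))
    return hits


def sweep(lines):
    """Group hits by source: src_ip for network records, Computer for endpoint ones."""
    results = {}
    for ev in iter_events(lines):
        hits = match_event(ev)
        if hits:
            source = ev.get("src_ip") or ev.get("Computer") or "unknown"
            results.setdefault(source, []).extend(hits)
    return results


if __name__ == "__main__":
    for source, hits in sweep(SAMPLE_LOG.splitlines()).items():
        print(source)
        for kind, value in hits:
            print(f"  {kind}: {value}")
```

Two points the sweep encodes: the host 10.0.0.9 talking to www.tumblr.com is deliberately not flagged, because the report's C2 is a specific profile on a legitimate service and only the exact hostname stacenko668.tumblr.com is an indicator; and a hit on that hostname alone shows the sample reaching its configured C2 URL, whereas the "Client Data Upload" Suricata alert is the signal that stolen data actually left the host, so the two should be triaged with different urgency.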