General
- Target: ff5f8ba7e53db467db44f736f3888ba29dfe35c33a1441d48eb3592a5eaf90a4
- Size: 711KB
- Sample: 210922-x2ncjsdff6
- MD5: 132c4f048c8cf80a4862a03ccaabd2d0
- SHA1: 84b8fece2ab2b2470c7954a785d4d45fdd56210d
- SHA256: ff5f8ba7e53db467db44f736f3888ba29dfe35c33a1441d48eb3592a5eaf90a4
- SHA512: 7ff540b3699f1af2036a346b236e1e46aa38ed2238cfa624c6b32eb0f898d32b4d76c74e538da4a2f1d50442e9616601e7a7e4d17c90b61381ba1894b4b8d63f
Static task: static1

Malware Config
Extracted
- vidar
- 40.9
- 828
- https://stacenko668.tumblr.com/
- profile_id: 828
Targets
- Target: ff5f8ba7e53db467db44f736f3888ba29dfe35c33a1441d48eb3592a5eaf90a4
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.