General
- Target: bc5ee479cea4417041388ff6f22f587f38850f84af15659dacc26528836b658b
- Size: 711KB
- Sample: 210922-xbtrmsded8
- MD5: 95967d4e7f8354d41373b8fdaa6bdc0f
- SHA1: 87bcd0a59fef36392a3cc9ce5640d5a5162acca8
- SHA256: bc5ee479cea4417041388ff6f22f587f38850f84af15659dacc26528836b658b
- SHA512: 0cd5ac132ec281f3b03ae9700756dd2bdb9545d82b0ea3496699de3eccdfd77b310e5978cfa670ba852cd91253caaf7c8f7e88e513db0699b2dbddc53d6e2be6

Static task
- static1

Malware Config
Extracted
- Family: vidar
- Version: 40.9
- Botnet: 828
- C2: https://stacenko668.tumblr.com/
- profile_id: 828
Targets
- Target: bc5ee479cea4417041388ff6f22f587f38850f84af15659dacc26528836b658b
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.