General
- Target: 816f131c81d8b6cf22230dd48b073be606f76263b581164620d6293f20573ebc
- Size: 605KB
- Sample: 210923-agwf4agfep
- MD5: 4fc08dde6e0fdcdfcfd24e8c5dea9ac3
- SHA1: 3d8196a7dadf77eb42371d42073b2375b254b3a8
- SHA256: 816f131c81d8b6cf22230dd48b073be606f76263b581164620d6293f20573ebc
- SHA512: 1c823255a38b5051995453347d6eba7599a36992d738fdfa32173c551f29879b00c33acf5ce94ca352a7f00bb6cd5a44de092afd52b3533f5c29a48d08f28c3b
Static task: static1
Malware Config
Extracted
- vidar
- 40.9
- 828
- https://stacenko668.tumblr.com/
- profile_id: 828
Targets
- Target: 816f131c81d8b6cf22230dd48b073be606f76263b581164620d6293f20573ebc
- Size: 605KB
- MD5: 4fc08dde6e0fdcdfcfd24e8c5dea9ac3
- SHA1: 3d8196a7dadf77eb42371d42073b2375b254b3a8
- SHA256: 816f131c81d8b6cf22230dd48b073be606f76263b581164620d6293f20573ebc
- SHA512: 1c823255a38b5051995453347d6eba7599a36992d738fdfa32173c551f29879b00c33acf5ce94ca352a7f00bb6cd5a44de092afd52b3533f5c29a48d08f28c3b
- suricata: ET MALWARE Vidar/Arkei Stealer Client Data Upload
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.