General
Target: eufive_20211001-101536
Size: 728KB
Sample: 211001-kl4y5sbcf8
MD5: cd0d70c0eb2471c8d4ca3315cbb0c10d
SHA1: 11b1ec96fc254b01ef93e76a4b06b7fdf5390843
SHA256: 721f1d3b8ad510a14ba2ca6086be1bc324c5dfeb651f651007ca0fb8160c6365
SHA512: 67e35aa4f5f537a1eda4addb3b36f57767de3867f5ec1e571a4c2f8d53fed964fac60c9beddadf89c241397e34048a63ab75f66ffa158a295475c5e9630c7904
Static task: static1
Behavioral task: behavioral1
Sample: eufive_20211001-101536.exe
Resource: win7-en-20210920
Malware Config
Extracted
vidar
41.1
865
https://mas.to/@bardak1ho
profile_id: 865
Targets
Target: eufive_20211001-101536
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.