General
- Target: eufive_20211008-154430
- Size: 626KB
- Sample: 211008-t7m27aefg9
- MD5: 68e24adda60ccb2d64395e39bf4c2cba
- SHA1: 27edf1731246d087b64c81e79b557bfb1bf60ae1
- SHA256: e2e5d2093fd649ec7a933cd7fe68763c5adfa947a56d00fa1796a22ddb528fca
- SHA512: f8343453f8933cdf82cbdcc4b50d5a21b829ac77190d2f34b708137ede7ee2bf6a4b03d7cb4bf0f69c2f1441fdb604ca9c8dc8b9d5fa65c7d7a67e25c0e14c73
Static task: static1
Behavioral task: behavioral1
- Sample: eufive_20211008-154430.exe
- Resource: win7-en-20210920
Malware Config
Extracted
- Family: vidar
- Version: 41.2
- C2: https://mas.to/@serg4325
- profile_id: 865

The extracted C2 value is a Mastodon profile URL. Vidar builds of this generation read the address of the real collection server from text on such a social-media profile (a dead-drop resolver), so the URL above is the resolver the sample queries, not the host the stolen data is sent to; block both, and expect the resolved address to change while the profile URL stays the same.
Targets
- Target: eufive_20211008-154430 (the same 626KB file as under General; MD5, SHA1, SHA256 and SHA512 as listed there)
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
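The last two signatures above (wallet file access and Uninstall-key enumeration) are the behaviours worth confirming when this sample is run outside the sandbox. The script below is an added example, not part of the sandbox report and not code from the Vidar sample: it scores a Process Monitor CSV export per process for both behaviours. The Procmon lines are constructed to resemble what the behavioural task above would produce, the `uninstall_threshold` value is an assumed tuning knob, and the wallet path list is an assumed, illustrative subset of the locations this stealer family targets.

```python
import csv
import io
import re
from collections import defaultdict

# Constructed Procmon-style CSV export; columns follow Procmon's default
# CSV layout. These lines are invented for the example, not taken from
# the sandbox run.
SAMPLE_PROCMON_CSV = r"""
"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"3:44:30.1","eufive_20211008-154430.exe","2144","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Desired Access: Read"
"3:44:30.2","eufive_20211008-154430.exe","2144","RegEnumKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Index: 0, Name: 7-Zip"
"3:44:30.2","eufive_20211008-154430.exe","2144","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip","SUCCESS","Desired Access: Read"
"3:44:30.3","eufive_20211008-154430.exe","2144","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName","SUCCESS","Type: REG_SZ, Length: 22, Data: 7-Zip 19.00"
"3:44:30.3","eufive_20211008-154430.exe","2144","RegOpenKey","HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Desired Access: Read"
"3:44:31.0","eufive_20211008-154430.exe","2144","CreateFile","C:\Users\Admin\AppData\Roaming\Electrum\wallets\default_wallet","SUCCESS","Desired Access: Generic Read"
"3:44:31.1","eufive_20211008-154430.exe","2144","CreateFile","C:\Users\Admin\AppData\Roaming\Exodus\exodus.wallet\seed.seco","NAME NOT FOUND","Desired Access: Generic Read"
"3:44:35.0","explorer.exe","1380","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip","SUCCESS","Desired Access: Read"
"3:44:36.0","msiexec.exe","2900","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Desired Access: Read"
""".lstrip("\n")

# Matches the Uninstall key itself or any subkey/value beneath it, in both
# the native and the WOW6432Node hive paths.
UNINSTALL_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)", re.IGNORECASE
)

# Assumed wallet locations (illustrative subset, relative to the user profile).
WALLET_PATH_MARKERS = (
    r"\AppData\Roaming\Electrum\wallets",
    r"\AppData\Roaming\Exodus\exodus.wallet",
    r"\AppData\Roaming\Ethereum\keystore",
    r"\AppData\Roaming\atomic\Local Storage",
)


def parse_procmon_csv(text):
    """Parse a Procmon CSV export into a list of dict rows."""
    return list(csv.DictReader(io.StringIO(text)))


def analyse(rows, uninstall_threshold=3):
    """Return {(process, pid): [reasons]} for processes showing stealer-like
    behaviour: bulk Uninstall-key enumeration and/or wallet file access.

    A single Uninstall-key open is normal (Explorer, MSI, updaters), so the
    registry behaviour only counts once it crosses uninstall_threshold ops.
    A wallet probe counts even when the file is absent (NAME NOT FOUND): the
    attempt itself is the signal.
    """
    per_proc = defaultdict(lambda: {"uninstall_ops": 0, "wallet_paths": []})
    for row in rows:
        key = (row["Process Name"], row["PID"])
        op, path = row["Operation"], row["Path"]
        if op.startswith("Reg") and UNINSTALL_KEY_RE.search(path):
            per_proc[key]["uninstall_ops"] += 1
        if op == "CreateFile" and any(
            m.lower() in path.lower() for m in WALLET_PATH_MARKERS
        ):
            per_proc[key]["wallet_paths"].append(path)

    findings = {}
    for key, stats in per_proc.items():
        reasons = []
        if stats["uninstall_ops"] >= uninstall_threshold:
            reasons.append(
                "software inventory via Uninstall key (%d registry ops)"
                % stats["uninstall_ops"]
            )
        if stats["wallet_paths"]:
            reasons.append(
                "cryptocurrency wallet access (%d paths)" % len(stats["wallet_paths"])
            )
        if reasons:
            findings[key] = reasons
    return findings


def scan(text, uninstall_threshold=3):
    """Convenience wrapper: CSV text in, findings out."""
    return analyse(parse_procmon_csv(text), uninstall_threshold)


if __name__ == "__main__":
    for (name, pid), reasons in scan(SAMPLE_PROCMON_CSV).items():
        print("%s (PID %s):" % (name, pid))
        for r in reasons:
            print("  - " + r)
```

On the constructed input only the sample process is reported, with both reasons; `explorer.exe` and `msiexec.exe` each touch the Uninstall key once and stay below the threshold. This needs Procmon or equivalent ETW registry telemetry: Sysmon's registry events (12, 13, 14) cover key creation, value writes and renames, not reads, so the Uninstall-key enumeration in the report would not appear in Sysmon logs at all.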