General
- Target: 271c8cd98ea973ac6f624d19208659fa.exe
- Size: 770KB
- Sample: 211010-ny2akafghm
- MD5: 271c8cd98ea973ac6f624d19208659fa
- SHA1: 23f8fe53a722a3684dd81e652ce1612940041423
- SHA256: 039319cf3944c2873517912d91bd02c48a634c36ef69acab04e54d1ce07685c1
- SHA512: df185d1934b12c6dc748caf83caec78d56a82067eb4f55912a7bd9953d44e58707396c8dc4812f770fcd2ec2fbf809c0dea0f77fb89f8d7e0353802a981a62ee

Static task: static1
Behavioral task: behavioral1
- Sample: 271c8cd98ea973ac6f624d19208659fa.exe
- Resource: win7-en-20210920

Malware Config
Extracted
- vidar
- 41.2
- 1008
- https://mas.to/@serg4325
- profile_id: 1008

Targets
- Target: 271c8cd98ea973ac6f624d19208659fa.exe
- Size: 770KB
- MD5: 271c8cd98ea973ac6f624d19208659fa
- SHA1: 23f8fe53a722a3684dd81e652ce1612940041423
- SHA256: 039319cf3944c2873517912d91bd02c48a634c36ef69acab04e54d1ce07685c1
- SHA512: df185d1934b12c6dc748caf83caec78d56a82067eb4f55912a7bd9953d44e58707396c8dc4812f770fcd2ec2fbf809c0dea0f77fb89f8d7e0353802a981a62ee

- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.