General
Target: 8e5264b96f37d907077bbb8683be2985.exe
Size: 770KB
Sample: 211010-nzllhafge7
MD5: 8e5264b96f37d907077bbb8683be2985
SHA1: 7e36a413cfbd14250aa8d6247be90152040a0a9c
SHA256: a2872c8f6a4e0bf3538f83c8b7660d5c2b0cacf643a847faf0695b2a717ab317
SHA512: 0449e6908a2b115bdbc2dfe91184c6594c1b6dccc9e931b404f7ea3932d700cc6a1206a4c3fa2d0b503e9cd3073ed075c9be9f2ea79cd29c41738c40a7780397
Static task: static1
Behavioral task: behavioral1
Sample: 8e5264b96f37d907077bbb8683be2985.exe
Resource: win7v20210408
Malware Config
Extracted
vidar
41.2
1008
https://mas.to/@serg4325
-
profile_id
1008
Targets
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.