General
-
Target
161cb20d39c1c71052f1ae35d21479da17e226617edf6845b81bad623ef7c07c
-
Size
634KB
-
Sample
211011-2757rsadh2
-
MD5
4110f512fc60f9ae678c590a55b76ec7
-
SHA1
419302cf7cf8267e28319aaad84a523774270e15
-
SHA256
161cb20d39c1c71052f1ae35d21479da17e226617edf6845b81bad623ef7c07c
-
SHA512
c05909024a03d27b2a65ad791b1ee348ecfa39b4b7e57c997e53a42bb999c3d44581a45c3f3aec36045e2503afeeb8ee5681c8d156b9dd9ad76310c2d835f018
Static task
static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
-
profile_id
1008
Targets
Target
161cb20d39c1c71052f1ae35d21479da17e226617edf6845b81bad623ef7c07c
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.