General
Target: d620747c89c8bf80c2226ea81341022d8214683ad334cae502610f3b6b7bffe9
Size: 771KB
Sample: 211011-bqny2sgbh5
MD5: e905b7b58b80c3a82b257f2fe3f72a7f
SHA1: 039538337337f5aa716d06543ee7e7e2c91f1f6f
SHA256: d620747c89c8bf80c2226ea81341022d8214683ad334cae502610f3b6b7bffe9
SHA512: 0bf909b1c1d91974631edc047a4f37b46c1442e9e765c1a133240b7b1f0bfc508b3460f614d21ed6510ebec9e42c13df92a64c0229445be5f1ae1093ee52477a
Static task: static1

Malware Config
Extracted: vidar
41.2
1008
https://mas.to/@serg4325
profile_id: 1008
Targets
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.