General
Target: e6798b28038242f024284aeff4c10e4feb75ce1999681e7608a7cc6d25644a3e
Size: 772KB
Sample: 211011-r73frshee3
MD5: 0cc4c18012c9e3436e9a94944f464838
SHA1: 8595672c97bac2ed2e8365b025f6e7e3462149e6
SHA256: e6798b28038242f024284aeff4c10e4feb75ce1999681e7608a7cc6d25644a3e
SHA512: 946d11d6a34dc77ba6f43222ac94f910f7bcd4d3148320b9025aa6d940e400a8e8ca175b023c32128328acb3d4a1ada396470bc024eb403631dd2e2be8e054c4
Static task
static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
profile_id: 1008
Targets
Target: e6798b28038242f024284aeff4c10e4feb75ce1999681e7608a7cc6d25644a3e
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.