General
Target: 60688fa07c62d9bf2e179dc151c04c979612d007ad41382ef1ec47643f89b945
Size: 773KB
Sample: 211011-rgyd5ahdf2
MD5: b153ce1190837b51c6ec046682c5206f
SHA1: 369d860bbab942f1c895a3f7a683fd607e791cc5
SHA256: 60688fa07c62d9bf2e179dc151c04c979612d007ad41382ef1ec47643f89b945
SHA512: 353916aaf18e22ba79e78c955d7c37461918a1a11b2a0e0998514a16832bcf9cd860025cfee5d356c2db935c58a495dd9c5d5be303e18929c9b0d1fc2e63a170
Static task
static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
-
profile_id
1008
Targets
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-