General
Target: 48ae8d6275cb9df86e032623fbfa120ad37592fcf345407bccef1d4dc592217c
Size: 772KB
Sample: 211011-vc8k3shfg3
MD5: 16ee9ca2803a0dbd40f7654d5529935d
SHA1: 1d6d21289107ae774f9343350448cd46b6618c39
SHA256: 48ae8d6275cb9df86e032623fbfa120ad37592fcf345407bccef1d4dc592217c
SHA512: 3f8ed05516c9c7b5deec1f5d65b0fc657bdcabaf6fd249b0d27147faf4583c8e248da6b60ad0fc5b801e18c5537bf0adde70d9f28d5514d13a36d1a8210bf450
Static task: static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
profile_id: 1008
Targets
Target: 48ae8d6275cb9df86e032623fbfa120ad37592fcf345407bccef1d4dc592217c
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.