General
Target: 5e968b323d6dc7777a4eb797c8b99ac1.exe
Size: 1.1MB
Sample: 211011-xbrx2shhd2
MD5: 5e968b323d6dc7777a4eb797c8b99ac1
SHA1: c427a514f70410dba47e5799f23bd511ce39ec14
SHA256: cdd1ac2ccf205bcc0e8fecb0b117b809fcade0fcc0eba5f6b85a5dfc88443344
SHA512: fb17586b212cfc95f0ddddda81530e3ca79c47ff5545889b77ffa8b1a555319958bf5f310a9fd8efaa23cae29cc6caaf6b1a3dc5fac8bf87249b2b2be4b74616
Static task: static1
Behavioral task: behavioral1
Sample: 5e968b323d6dc7777a4eb797c8b99ac1.exe
Resource: win7v20210408
Malware Config
Extracted
vidar
41.3
921
https://mas.to/@oleg98
profile_id: 921
Targets
Target
5e968b323d6dc7777a4eb797c8b99ac1.exe
Vidar Stealer
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.