General
-
Target
7a8633598f20a4a9a2d0f07dc003c0bf185da51279bdbec01fcd7b7f357e743a
-
Size
744KB
-
Sample
211011-zt27vaabf4
-
MD5
0aed4a29bbf66eb784e6c39e7341aad3
-
SHA1
69e81084ea004d5ba0498a274797522a6291b75f
-
SHA256
7a8633598f20a4a9a2d0f07dc003c0bf185da51279bdbec01fcd7b7f357e743a
-
SHA512
70a6c97bc1876f2599306f0f6e2051872a2ff16f0555f3346064c7906fc47dd4b7d5b861a55cf2684ad161fac3ca9a9da6f49e9b1f881f9c7e3a402a51bfae53
Static task
static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
-
profile_id
1008
Targets
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-