General
-
Target
2692f4594cebfa3afca882274dc1432fea1ccbc7d3f37db3e15059722db1d97b
-
Size
744KB
-
Sample
211012-21jeesdch5
-
MD5
a1d952bac582c5d5f44c6f0ff09ebedd
-
SHA1
4dced96e35ea074c01e6bd4c5b8fc3c881c695e7
-
SHA256
2692f4594cebfa3afca882274dc1432fea1ccbc7d3f37db3e15059722db1d97b
-
SHA512
6bfc2f1ff5ded10c0dc355757fcca092b0388c9cce11e725cb5c77a0dae11ab1b004dd42b11d90d468cf09c23d1db5e70b9afc3112ebe1727b401af871516e48
Static task
static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
-
profile_id
1008
Targets
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-