General
Target: 3893dc157f444a1b98d11a33630f78a45579b826f3ce83c08bb7b176cbfa2418
Size: 633KB
Sample: 211012-bjr25aafh5
MD5: 9175b37a66015e35557da0927bc823bb
SHA1: db784d97c1e3bb9cfd49e58b1cf7c386b6c5df6f
SHA256: 3893dc157f444a1b98d11a33630f78a45579b826f3ce83c08bb7b176cbfa2418
SHA512: fff656c08e7329f42a641b35a9fbf76ee55b454eea4a257316bbd2da64211d4c5b3dc62840cec14fd1f064ae31c531ab2953b49aefb0f3388d710a4bc058371c
Static task
static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
profile_id: 1008
Targets
Target: 3893dc157f444a1b98d11a33630f78a45579b826f3ce83c08bb7b176cbfa2418
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.