General
-
Target
eufive_20211012-134445
-
Size
635KB
-
Sample
211012-pzlryacdb3
-
MD5
0dd43b8e44b150123c7f8cd67bd12858
-
SHA1
aadebdc650d96f14d39d5361f089276cee038c31
-
SHA256
071085f4c4f9756324c5713980edd923e2df671dd672fe880c89b3c526915f74
-
SHA512
fab781d7b285f5137ead9ca2f6b442233e5d32a2f57ac89dd671e9b8ed9aafe1e9a7ab0a0ed12d39e2e08fcb5caf0c944e19b008186de8c5a33f8b027af76548
Static task
static1
Behavioral task
behavioral1
Sample
eufive_20211012-134445.exe
Resource
win7-en-20210920
Malware Config
Extracted
vidar
41.3
865
https://mas.to/@oleg98
-
profile_id
865
Targets
-
-
Target
eufive_20211012-134445
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-