General
Target: 9175b37a66015e35557da0927bc823bb.exe
Size: 633KB
Sample: 211012-szpelscecl
MD5: 9175b37a66015e35557da0927bc823bb
SHA1: db784d97c1e3bb9cfd49e58b1cf7c386b6c5df6f
SHA256: 3893dc157f444a1b98d11a33630f78a45579b826f3ce83c08bb7b176cbfa2418
SHA512: fff656c08e7329f42a641b35a9fbf76ee55b454eea4a257316bbd2da64211d4c5b3dc62840cec14fd1f064ae31c531ab2953b49aefb0f3388d710a4bc058371c
Static task: static1
Behavioral task: behavioral1
Sample: 9175b37a66015e35557da0927bc823bb.exe
Resource: win7v20210408
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
profile_id: 1008
Targets
Target: 9175b37a66015e35557da0927bc823bb.exe
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.