General
-
Target
09ab0907323d5de77ebe2891813dc5d0.exe
-
Size
635KB
-
Sample
211012-ty883acgd9
-
MD5
09ab0907323d5de77ebe2891813dc5d0
-
SHA1
edbee14a3f89d075e152013d48d8dd794d08c254
-
SHA256
152c854e0e028eaa43bef46d7375d5704cf43f2c22a0354d7757e7cf5cdc3a89
-
SHA512
1ab37e6af947694a2140c67d23b80121a23f742374c794bb47e5bae20ed46bbefb1ecf24a90d28f058140f1ccda693fdf90690c7090250c0dfa7c5bfc90269c9
Static task
static1
Behavioral task
behavioral1
Sample
09ab0907323d5de77ebe2891813dc5d0.exe
Resource
win7-en-20210920
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
-
profile_id
1008
Targets
-
Target
09ab0907323d5de77ebe2891813dc5d0.exe
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.