General
Target: 6b717b02a529660357f0e5ed8c6eed71709f711672eb57bcc6dea02e0be28338
Size: 636KB
Sample: 211012-vw2a4scgh6
MD5: e18d4e30dad5ee3ff78e908837492201
SHA1: 5906e1b799107f18c76268764bba934aebedc4c4
SHA256: 6b717b02a529660357f0e5ed8c6eed71709f711672eb57bcc6dea02e0be28338
SHA512: b64d92ab8b15c780ccc35b2d766f3d344bf80a479f910719b98f7cd53d4096944833b9a27f84030cb9ce9237b57b5cfb836f552d0f913cf3d0114b12ab34c648
Static task
static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
profile_id: 1008
Targets
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.