General
-
Target
3dc6aa652ea8fcf2cf56e6156937a2268562e875baf72f385bdcc133e8a28c72
-
Size
662KB
-
Sample
211012-xg5fbsdbc7
-
MD5
fb7428e766b0705b7da51b9fe92c243b
-
SHA1
da4bc66a0c4fcc241f5846c9c92fac9a7692ebac
-
SHA256
3dc6aa652ea8fcf2cf56e6156937a2268562e875baf72f385bdcc133e8a28c72
-
SHA512
340ce3f8a5bb5721c9d58194d0a04cbbfc6846256d4e50a381abb851c48144738de72963054817d314c39d4687f9c7c73666d06a1e03d8c67411f9c7f3a576eb
Static task
static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
-
profile_id
1008
Targets
-
Target
3dc6aa652ea8fcf2cf56e6156937a2268562e875baf72f385bdcc133e8a28c72
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-