General
Target: f4c14ff2a368f1aa40bbb94534239a1cc95fe94244b2a464a2f56708067e574a
Size: 744KB
Sample: 211013-hqya2sdeck
MD5: 483ec635976f2363771978cdb0382c8c
SHA1: 180cec6ae4b51a50fe4d05e273af5ae5d4a10a90
SHA256: f4c14ff2a368f1aa40bbb94534239a1cc95fe94244b2a464a2f56708067e574a
SHA512: 87832dc437c53fb1d3763a413b4dcb9b1d1910f0439109e270b8ea1df4bc534bd36d9bb698616bd5f32aaaa65ef5b4492d310f28d373d9bdbfb1d551e691f154
Static task
static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
profile_id: 1008
Targets
Vidar Stealer

Downloads MZ/PE file

Loads dropped DLL

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.