General
- Target: a1d952bac582c5d5f44c6f0ff09ebedd.exe
- Size: 744KB
- Sample: 211013-lh97esdhb9
- MD5: a1d952bac582c5d5f44c6f0ff09ebedd
- SHA1: 4dced96e35ea074c01e6bd4c5b8fc3c881c695e7
- SHA256: 2692f4594cebfa3afca882274dc1432fea1ccbc7d3f37db3e15059722db1d97b
- SHA512: 6bfc2f1ff5ded10c0dc355757fcca092b0388c9cce11e725cb5c77a0dae11ab1b004dd42b11d90d468cf09c23d1db5e70b9afc3112ebe1727b401af871516e48
Static task: static1
Behavioral task: behavioral1
- Sample: a1d952bac582c5d5f44c6f0ff09ebedd.exe
- Resource: win7-en-20210920
Malware Config
Extracted
- Family: vidar
- Version: 41.3
- Botnet: 1008
- C2: https://mas.to/@oleg98
- Attributes: profile_id 1008
Targets
- Target: a1d952bac582c5d5f44c6f0ff09ebedd.exe
- Size: 744KB
- MD5: a1d952bac582c5d5f44c6f0ff09ebedd
- SHA1: 4dced96e35ea074c01e6bd4c5b8fc3c881c695e7
- SHA256: 2692f4594cebfa3afca882274dc1432fea1ccbc7d3f37db3e15059722db1d97b
- SHA512: 6bfc2f1ff5ded10c0dc355757fcca092b0388c9cce11e725cb5c77a0dae11ab1b004dd42b11d90d468cf09c23d1db5e70b9afc3112ebe1727b401af871516e48
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.