General
-
Target
bc8f0bfb94d9a4455282bb072b79e858.exe
-
Size
683KB
-
Sample
211013-lkehjadhc4
-
MD5
bc8f0bfb94d9a4455282bb072b79e858
-
SHA1
bb004397b82ba101f65a6aa9e8c7533061c01e2b
-
SHA256
1fbbaa6cfa20d6e11a3e5e4ba0702f608d474cbf5a86eef891fb57a671c684be
-
SHA512
60a40427f9011abc97e48dace42c8b0d9f39b1416e0d8dd27bab1110d99248fb8e273bd4218b8427bf6a4525c6d157b021703e43d5c5473d95f26f6e7d5ef1ad
Static task
static1
Behavioral task
behavioral1
Sample
bc8f0bfb94d9a4455282bb072b79e858.exe
Resource
win7-en-20210920
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
-
profile_id
1008
Targets
Target
bc8f0bfb94d9a4455282bb072b79e858.exe
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-