General
Target: d9b6823ca8e13b78c269c5d21e948dbab625ea87d3370d163eeabeb3822aef56
Size: 744KB
Sample: 211013-mndwvadgek
MD5: 9ce7a85ba3d9b83cfe600c41859b1bd1
SHA1: bd1be91996a50af60298dbdb424f608e4f80a8d7
SHA256: d9b6823ca8e13b78c269c5d21e948dbab625ea87d3370d163eeabeb3822aef56
SHA512: 7aad0065d6f748fe63777dcc1fa541d049aa55434eef5b67f0ec1110b63960bb3ee43ea16d6d03aecda4ac3ae794d623a7ac22802edfe61765695fd0e268816a
Static task
static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
profile_id: 1008
Targets
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.