General
Target: f3d3ca7b63605a1218f5d934bb544e3c04bd0b628cababf1c5e7ff15b18c5b7e
Size: 743KB
Sample: 211013-p8zp6aebe2
MD5: ba10296f6b353ca726f4d719cb5b69eb
SHA1: c5d11d5b7dc11176993e5d3db7e6b8f19ea5e2d9
SHA256: f3d3ca7b63605a1218f5d934bb544e3c04bd0b628cababf1c5e7ff15b18c5b7e
SHA512: 8180144d184fc4f20662424a0c32c33b7c7c5fdc9254f3e2a94abbd22c850b376673ab72be58d755282e41e175782e3944557fbabc10fc3ffdb839bac3a3623c
Static task: static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
profile_id: 1008
Targets
Target: f3d3ca7b63605a1218f5d934bb544e3c04bd0b628cababf1c5e7ff15b18c5b7e
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.