General
Target: 0917c478831aa8a07c23ac218a0cc7b568cbd99cd0364154a58071213a9e20c7
Size: 743KB
Sample: 211013-y4l3yafcb8
MD5: 77841007132c17e08ab8e1e3968d7374
SHA1: 15c53c1aefe72e0e7f6859db550bb55088114ec9
SHA256: 0917c478831aa8a07c23ac218a0cc7b568cbd99cd0364154a58071213a9e20c7
SHA512: 88bb50a84a86aca435422a5ffe7742a03359a081c6fc5697be535d41c8055973c2cb7da9430ee186f0b204eb7fdd2f43fc6c1abd36deec2872caee275ab08302
Static task
static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
profile_id: 1008
Targets
Target: 0917c478831aa8a07c23ac218a0cc7b568cbd99cd0364154a58071213a9e20c7
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.