General
-
Target
fcf22b11ddc4930c1cfa4b1ec50cc7bf2bc078133c2151cdc90054bd53197efa
-
Size
742KB
-
Sample
211014-25nvpsadb9
-
MD5
e70c1f077a3ade73107c3bf51d544776
-
SHA1
22bc28c54cd33c28509563623949b66abbc69982
-
SHA256
fcf22b11ddc4930c1cfa4b1ec50cc7bf2bc078133c2151cdc90054bd53197efa
-
SHA512
844337990fbcb53e7384a7a658d4a9986b2e1853d83646d93c3964ea6df18d07d268260e0236e6882e62be826f5f0785eeabfe259c8f64445e957b843a6b7059
Static task
static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
-
profile_id
1008
Targets
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-