General
Target: a53b1a3e69db3ed4ba1e36838cf703a86de8fd2f1febd79a9ae6bd227812ebbe
Size: 674KB
Sample: 211014-fgasaagabk
MD5: 0b3d012d4860ecb90c4eb174bbe84f45
SHA1: 292fa655281bd676705fdf8caccd59111d1f8893
SHA256: a53b1a3e69db3ed4ba1e36838cf703a86de8fd2f1febd79a9ae6bd227812ebbe
SHA512: 845f56d37fcd5def7ee5f3592108dabd22a4902d918ac0c15a5973941e17ace312c2cf530bcf5e3b3fee177894f2cc8a4940031b99fd8a227a83106c9215f5f7
Static task
static1
Malware Config
Extracted
vidar
41.3
903
https://mas.to/@oleg98
profile_id: 903
Targets
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.