General
Target: e40800aeb1b8011f6be84885a4ef27762eb4fc6b66e8cce2925541eb962997a8
Size: 666KB
Sample: 211014-kz4kjaggf6
MD5: 7f56914f5b3a51871aee082d70a0a158
SHA1: 65d88512a18807f573a93f78974f8dde94b13954
SHA256: e40800aeb1b8011f6be84885a4ef27762eb4fc6b66e8cce2925541eb962997a8
SHA512: 541a406c32c5771add4beeeb0e05795249d58c83237e993a81b2249e31b24898d460f1769864bfc48d0c59da3e8db3ac59160614305cb15cb4885624286edc58
Static task: static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
profile_id: 1008
Targets
Target: e40800aeb1b8011f6be84885a4ef27762eb4fc6b66e8cce2925541eb962997a8
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.