General
- Target: ba1db6e8623f5d616b06bc749b21b6e0.exe
- Size: 742KB
- Sample: 211014-nf1lbahaa9
- MD5: ba1db6e8623f5d616b06bc749b21b6e0
- SHA1: 784b43d378764435fb0b334662d2be8ef71dac07
- SHA256: 611796a36903059a2d1725d7849a375b9aa2902254c0d5f5fa2122e83570ea3a
- SHA512: 9fff1d772d9799e833020aa2063e7652795bb077f50b3d18ae49fb1a0c88a800d500f38bb72161dba9a9918ec90757868fd2715cd6e318607ad7efc58d0f8dd9
Static task: static1
Behavioral task: behavioral1
Sample: ba1db6e8623f5d616b06bc749b21b6e0.exe
Resource: win7-en-20210920
Malware Config
Extracted
- vidar
- 41.3
- 1008
- https://mas.to/@oleg98
- profile_id: 1008
Targets
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.