General
Target: ef86c64311025ec1b39eafec8385df5c3afb01211370c317953b17877ca57785
Size: 717KB
Sample: 211014-w88rdsabd2
MD5: 0a45219f5215cea70cf919e5ade6daae
SHA1: a2a5f3d2c5978a68260f6278b93ef8b572e39be1
SHA256: ef86c64311025ec1b39eafec8385df5c3afb01211370c317953b17877ca57785
SHA512: bd7422450503c5830a43f67fab04541510424db5f539ea7ed784061ae46e626c50ecb84eb0b1423fd5d96db36b3f4bdd978b6ec80e6e6e7fac4092cd9f323f48
Static task
static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
profile_id: 1008
Targets
Target: ef86c64311025ec1b39eafec8385df5c3afb01211370c317953b17877ca57785
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.