General
Target: 9799d0518dd30b000490cb344882807ce892b5e4a93d6108c33e7c48d981065b
Size: 666KB
Sample: 211014-zvtxvsace8
MD5: f364f84b22394c2e2169014f2e646261
SHA1: 49b689b469f7f0ec7abb8a0a14785f9244496ffa
SHA256: 9799d0518dd30b000490cb344882807ce892b5e4a93d6108c33e7c48d981065b
SHA512: 7edc7f8ff25491700ed5bd2af5be882aff82567c5b11f5ee8a7b13bcc4d81fd9a2cf4420994b1966c55212183e542b85224a3d54e4262b3725a7de61e6367ec5
Static task
static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
-
profile_id
1008
Targets
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-