General
Target: fc935f98bf09c5c7cacb0f21795b5c3dd89dc7f0796ac229471466015a5a3fe6
Size: 742KB
Sample: 211015-d4l3qaaed5
MD5: 6a635d96c5657496d51330c0a61fd341
SHA1: b15a47a46ae00261a2908c8e895d22e9ba23ecf2
SHA256: fc935f98bf09c5c7cacb0f21795b5c3dd89dc7f0796ac229471466015a5a3fe6
SHA512: 2579caad9f93bef9f3816f5ced398b36e2b3dfb617c0a25a43765a84eec2196fb542bdb2f152876cd4d047b3a1e5aaac76e3fb0f9c6d6146e8978635566c37aa
Static task
static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
profile_id: 1008
Targets
Target: fc935f98bf09c5c7cacb0f21795b5c3dd89dc7f0796ac229471466015a5a3fe6
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.