General
-
Target
36dc746907920eef2aad86633a96a0e2aa119b0fc6fe69e578ee5271dd28c598
-
Size
725KB
-
Sample
211015-f7gnhsaef9
-
MD5
8dc5701aec8d5572c7f6c858f7a11215
-
SHA1
0127a329ef2b1b6c3aa82fac7f07728f4df77978
-
SHA256
36dc746907920eef2aad86633a96a0e2aa119b0fc6fe69e578ee5271dd28c598
-
SHA512
6ea45d93a872fe816b43644827c7e43e5b35d267d2ca41a23a3d86df81094b1d0fc2423e2963ac90439a000ad3b8664e4093a88ecaf3c444cb5f9973ca006206
Static task
static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
-
profile_id
1008
Targets
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-