General
Target: 5dcf6b7fd4c5338b59ad310d03e709fe8bd341da0a0f486b585963e727e28df9
Size: 725KB
Sample: 211015-grmp9safa2
MD5: 225fab509f18ac82c1164e3b4ae0d264
SHA1: b1192caa3d81a8edf63145db09e7a3e839ed17bd
SHA256: 5dcf6b7fd4c5338b59ad310d03e709fe8bd341da0a0f486b585963e727e28df9
SHA512: 04b02c1a8769e14416392f0e2817eed02347c3c49c590426791ad110ae622ce4277e5d41ff6932b176ff3dd5deafc7ab35b201c502090394bbe79607bb3b7c05
Static task: static1
Malware Config
Extracted:
- Family: vidar
- 41.3
- 1008
- https://mas.to/@oleg98
- profile_id: 1008
Targets
Target: 5dcf6b7fd4c5338b59ad310d03e709fe8bd341da0a0f486b585963e727e28df9 (same file and hashes as listed under General)
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.