General
Target: 2e761c847dd0a6251eebb313e7403ce182e263907a9e1fd0a2f114a89e5df3f3
Size: 724KB
Sample: 211015-ks16tsagb5
MD5: 1d9b8748e8f7f0c3b0fcc56564d142cf
SHA1: a56bf45d7a3e5b082e7d18e3e3994372cefb5a3e
SHA256: 2e761c847dd0a6251eebb313e7403ce182e263907a9e1fd0a2f114a89e5df3f3
SHA512: ee6ed753a03235cc609550627519e8e01977d65a03f0bac27997fc5b6afdf3454b0acb186c1050e86265427966cb0d08da4e2bf0def4c09ccbe838b74bca3eef

Static task: static1

Malware Config (Extracted)
Family: vidar
41.3
1008
https://mas.to/@oleg98
profile_id: 1008

Targets
Target: 2e761c847dd0a6251eebb313e7403ce182e263907a9e1fd0a2f114a89e5df3f3
Size: 724KB
MD5: 1d9b8748e8f7f0c3b0fcc56564d142cf
SHA1: a56bf45d7a3e5b082e7d18e3e3994372cefb5a3e
SHA256: 2e761c847dd0a6251eebb313e7403ce182e263907a9e1fd0a2f114a89e5df3f3
SHA512: ee6ed753a03235cc609550627519e8e01977d65a03f0bac27997fc5b6afdf3454b0acb186c1050e86265427966cb0d08da4e2bf0def4c09ccbe838b74bca3eef

Signatures
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.