General
Target: 50719557a8c2bc513ace058624c3d772f1c9624ee1e2efa2742a7300ad9d895c
Size: 724KB
Sample: 211015-tfzlxabbc7
MD5: bdd01199249ceeca52defde881008061
SHA1: 2873ef182e4f216e2959d9fba1d4f12b53f2d907
SHA256: 50719557a8c2bc513ace058624c3d772f1c9624ee1e2efa2742a7300ad9d895c
SHA512: e81738f7a9f2e21abd37201be7a849fc04c1aa64dba1eb493a83959e0fd84f9d9a8ceb2b9556f69fcd06a23709ed4d0ea81721c623a42c06ca79e45d766fb963
Static task
static1
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
profile_id: 1008
Targets
- Vidar Stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.