General
-
Target
29d05edb48e51c99a95191d453cc9075459586b497e49a7beb9454cc2b6d492a
-
Size
729KB
-
Sample
211015-xhhyqabcd2
-
MD5
17ecb6083e1e20c25023a6c21cd039da
-
SHA1
ff54615f1225cc43def6f6e02aa886de86eb8693
-
SHA256
29d05edb48e51c99a95191d453cc9075459586b497e49a7beb9454cc2b6d492a
-
SHA512
d94a4f1516fa825535b290fadbeb924c61c3d7f702f828553a3911dbfe3d63cce62802a4fb336f2332f3a87d35e9b2ed7198ed803e72bc3dee03532e609612f6
Static task
static1
Malware Config
Extracted
vidar
41.4
1008
https://mas.to/@sslam
-
profile_id
1008
Targets
-
-
Target
29d05edb48e51c99a95191d453cc9075459586b497e49a7beb9454cc2b6d492a
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-