General
Target: c6d498cd38207bbfa0c8cac0caf0394d4dd4282c0fb32134afa142423260513d
Size: 728KB
Sample: 211016-kzydhsbgf9
MD5: 60b734ef01c5b17da06aef9f4297406c
SHA1: 6b5ea629752358b9772a7f1822b9a416d6e18efe
SHA256: c6d498cd38207bbfa0c8cac0caf0394d4dd4282c0fb32134afa142423260513d
SHA512: 7284a30563d7b4af74e0a1baba2e4faaf1a8d6acda7a974de5bfac4f28d6909e0f0901d381a0966fafe770166600346a3b26cc0918ac1e49ef0acebd3925c3df
Static task
static1
Malware Config
Extracted
vidar
41.4
1008
https://mas.to/@sslam
profile_id: 1008
Targets
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.