General
Target: 1bd335fdd3217b9b4f47e84a49a2d89270af55b352a3cba97ed883893b74b5fd
Size: 722KB
Sample: 211016-m9v29abhe8
MD5: 700b7df670df22fb531ddba5713e2fb7
SHA1: 0349126d37bae630dde77206d17e64fe1c8accee
SHA256: 1bd335fdd3217b9b4f47e84a49a2d89270af55b352a3cba97ed883893b74b5fd
SHA512: 4cbdca937466a584c2d2f497199cc1b31a4757685709a553981b3320c8b9998d0a513e8fe88aaebdba0b616369db67fbd734117c951843c3a993128f26464e0b
Static task
static1
Malware Config
Extracted
vidar
41.4
1008
https://mas.to/@sslam
profile_id: 1008
Targets
Target: 1bd335fdd3217b9b4f47e84a49a2d89270af55b352a3cba97ed883893b74b5fd
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.