General
-
Target
a12047a1279ef9c5f1c3ff7e6983a6c4a6e87ee4157ec2265239b9f07c59718e
-
Size
722KB
-
Sample
211016-pjjbwabhh9
-
MD5
50dc845a0713e113a9535c00e1815695
-
SHA1
a157ce88de83c3798a4938cc2c07067ed4123a6b
-
SHA256
a12047a1279ef9c5f1c3ff7e6983a6c4a6e87ee4157ec2265239b9f07c59718e
-
SHA512
fcf90bde73f9f78f53f0de37fadaf6eb1a78a9636518fd437b99913981cb96190adbef82c5400d4f9fc4f335e6b79f0c71eaa6332ca6cf3e71c6866fe77a09a5
Static task
static1
Malware Config
Extracted
vidar
41.4
1008
https://mas.to/@sslam
-
profile_id
1008
Targets
-
-
Target
a12047a1279ef9c5f1c3ff7e6983a6c4a6e87ee4157ec2265239b9f07c59718e
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-