General
-
Target
8a1adbbc7e66684159da4fe7392da62083de89bc188545122172e2003d16450e
-
Size
722KB
-
Sample
211016-qsg1vacab8
-
MD5
078bc0578d77117482856030b971e595
-
SHA1
06f018515b42f7d2a9b338420e9e842437c4b544
-
SHA256
8a1adbbc7e66684159da4fe7392da62083de89bc188545122172e2003d16450e
-
SHA512
81630b521178be2d68d35743d1bb40afaf814150794397b4ea1e3ad97c266a2563e67379f39f75331e22658deddad9d955359e659a87a56f41ca7e0c0d83813f
Static task
static1
Malware Config
Extracted
vidar
41.4
1008
https://mas.to/@sslam
-
profile_id
1008
Targets
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-