General
Target: eufive_20211017-054109
Size: 764KB
Sample: 211017-p1fbjscfa8
MD5: 750c721da3f0c4e92c4ad6575d001fc5
SHA1: 9b6dba1f851a2547a548ad6f763f4106b2a52548
SHA256: d605cb3d3e95410f22556b3126bfc0801263ad3dadc3aafe4c0ce678c0019314
SHA512: e2fa6ba17882a3dd9069a006266e4a166a92cc7a788475555370e28d85b7089915c55b9c2f4e4120a5aebee1d547d0ce39c82cfc0c61172806200e8a51c3dea8
Static task: static1
Behavioral task: behavioral1
Sample: eufive_20211017-054109.exe
Resource: win7-en-20210920
Malware Config
Extracted
vidar
41.4
865
https://mas.to/@sslam
-
profile_id
865
Targets
-
-
Target
eufive_20211017-054109
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-