General
Target: eufive_20211019-214047
Size: 694KB
Sample: 211020-kkchhaggd9
MD5: 8613a711ed44cee2ceefa24f846e7302
SHA1: f6be3a2a99e3a9b156a790c3720366d0ff4c0680
SHA256: 7a3b8ae397c869f72fd01365d53346cc8d6933d9edfcf2c53285ab265d66784a
SHA512: 6332f1e979459e4b4a18009025b5922ccefde95ebb738b5130cea4b6da16f0d533c6a09c9b6dd877273219361d4f991c5f5869c59f131a72f5180c3c1add6162
Static task: static1
Behavioral task: behavioral1
Sample: eufive_20211019-214047.exe
Resource: win7-en-20210920
Malware Config
Extracted
vidar
41.5
865
https://mas.to/@xeroxxx
profile_id: 865
Targets
Target: eufive_20211019-214047
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.