General
-
Target
eufive_20211020-131551
-
Size
763KB
-
Sample
211020-nd7xlsghh3
-
MD5
226b319cce57ec00ebe811d410ceb8de
-
SHA1
7bd906633da42aeecd2a5de4a7f839b99569c441
-
SHA256
799ffd369cc156ebe592bf296983103cc8debc218bcd7469bf2b64aeaa98881a
-
SHA512
f98f6f010bc3b56a9fb4de8118df6e6d933c3c19ce2a144c102b207d1582011c630623d10b6f31eaccd055b91b45e0299132568971dac3eecfe273c7edf36e26
Static task
static1
Behavioral task
behavioral1
Sample
eufive_20211020-131551.exe
Resource
win7-en-20211014
Malware Config
Extracted
vidar
41.5
865
https://mas.to/@xeroxxx
-
profile_id
865
Targets
-
-
Target
eufive_20211020-131551
-
Vidar Stealer
-
Downloads MZ/PE file
-
Deletes itself
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-