General
Target: 38c0f733e983c0e12a6ab7ba2b1415ed
Size: 1.2MB
Sample: 211101-mq4kaahfc6
MD5: 38c0f733e983c0e12a6ab7ba2b1415ed
SHA1: ef4d3272107b362eaa8e78ba73373304110d040a
SHA256: 2c9c18cd54e6e08db64b4b5e3f511624287c2ac2ac7d65693a1767424a871d1c
SHA512: aed4e4ae28d7490e01a3b8ab9bec2497a5ed433bb51913da2d2acb46fadda446f58334cf2cb1c20e5e501872a467b9c79cb5add24c4999ab848ddd69a8738126
Static task: static1
Behavioral task: behavioral1
Sample: 38c0f733e983c0e12a6ab7ba2b1415ed.exe
Resource: win7-en-20211014
Malware Config
Extracted:
vidar
41.6
921
https://mas.to/@lilocc
profile_id: 921
Targets
Target: 38c0f733e983c0e12a6ab7ba2b1415ed
- Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.