General
- Target: eufive_20211112-045840
- Size: 628KB
- Sample: 211112-lcseesdab8
- MD5: 8563336ff62f0ab2db287d2d59ec5c01
- SHA1: 67d655456d818d217567873e4653696ea98c231c
- SHA256: 7a34f335cb01d36c62960c1959056f3910745f2e65519c48d923a7e3c2b059d0
- SHA512: e02ec6901ad1d74186bba40ae95ed777e8e382fc64ec0350aff34f79cf5ae05574a62c01a3e6c05b460ea726e4669086c6bee56c67e7b78328b169d37ba8069e
Static task: static1
Behavioral task: behavioral1
- Sample: eufive_20211112-045840.exe
- Resource: win7-en-20211104
Malware Config
- Extracted: vidar, 48.3, 824
- profile_id: 824
Targets
- Target: eufive_20211112-045840
- Vidar Stealer
- Downloads MZ/PE file
- Deletes itself
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.