General
-
Target
c3fe6eb28ee75fe22ea3bf8c6a15db2c9f7bc7f02158dffe500eddd9a2292a5f
-
Size
404KB
-
Sample
211113-hkgfcaefh9
-
MD5
4601fbdea22dabafeb2b15e1b2df1798
-
SHA1
74e229719501721acbd56e844751df322a9b6b20
-
SHA256
c3fe6eb28ee75fe22ea3bf8c6a15db2c9f7bc7f02158dffe500eddd9a2292a5f
-
SHA512
508d3bc1d8251498b6feec3bdfd32c7c50fe76e538d388847697bc370d1995986bde16c15dff9f77020ee3690ed45cf07f42031f875df5f3d0a7f9d5e728b476
Static task
static1
Malware Config
Extracted
vidar
48.3
754
-
profile_id
754
Targets
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of SetThreadContext
-