General

Target: eufive_20211113-202410
Size: 746KB
Sample: 211114-qfsa2sgde4
MD5: b3d8ef72641d7185a4d9cd375b1c58c0
SHA1: 572c61e29f79fe230f01765649f0d4e23750ebcf
SHA256: 9b4f1eb3a32adca7704427940a1e1495316af29febfba97d3a414e3f3826a8ee
SHA512: b5d5bcc307f7dca4945b5e3268436510e9feaedae04d3beceda8dee637ff3a6516ebead804a9896d47e10dd91fa9ff1fdb7a78e3ce0b884bb48d97b6887e8983
Static task: static1

Behavioral task: behavioral1
Sample: eufive_20211113-202410.exe
Resource: win7-en-20211014
Malware Config

Extracted family: vidar
Version: 48.3
Botnet: 824
profile_id: 824
Targets

Target: eufive_20211113-202410
Size: 746KB
MD5: b3d8ef72641d7185a4d9cd375b1c58c0
SHA1: 572c61e29f79fe230f01765649f0d4e23750ebcf
SHA256: 9b4f1eb3a32adca7704427940a1e1495316af29febfba97d3a414e3f3826a8ee
SHA512: b5d5bcc307f7dca4945b5e3268436510e9feaedae04d3beceda8dee637ff3a6516ebead804a9896d47e10dd91fa9ff1fdb7a78e3ce0b884bb48d97b6887e8983

Signatures

- Vidar Stealer
- Downloads MZ/PE file
- Deletes itself
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.