General
Target: 47f577f993a7035bdb760206eb266a25929fbfcb487766d17340f273f87562f8
Size: 2.0MB
Sample: 211125-tbr19sfffl
MD5: c91731f31094faeaeb21f6a192a8af5a
SHA1: a0a79b61a1a047eda980ae7d2d77b959ca39f4c4
SHA256: 47f577f993a7035bdb760206eb266a25929fbfcb487766d17340f273f87562f8
SHA512: 37b5b1417679474feef3ca8f1ba60ada0669cbb39ff06617189f8c4ff0fde7ad909613cb1e916f0fd22a30db9ffdaa6e1569f2c37790ba2287fd03e273cb4c8e
Static task: static1
Malware Config
Extracted family: vidar
Version: 48.7
profile_id (botnet tag): 869
C2 dead-drop resolvers:
https://mstdn.social/@anapa
https://mastodon.social/@mniami
Note: these Mastodon profile URLs are not the C2 server itself. Vidar fetches the profile page and parses the live C2 address out of the profile bio, so the address can be rotated without rebuilding the sample; block or watch for the profile URLs, but treat the resolved address as the indicator that changes.
Targets
Target: 47f577f993a7035bdb760206eb266a25929fbfcb487766d17340f273f87562f8 (2.0MB; same file as in General, MD5/SHA1/SHA256/SHA512 listed above)
Network alerts (Suricata)
suricata: ET MALWARE Suspicious Zipped Filename in Outbound POST Request (Passwords.txt)
suricata: ET MALWARE Vidar/Arkei Stealer Client Data Upload
Both alerts fire on the stealer's exfiltration traffic: an outbound HTTP POST carrying a ZIP archive of collected data, the first keyed on the Passwords.txt member name inside that archive.
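The detection the two Suricata alerts above express, as an added example that is not part of the sandbox report and not Emerging Threats rule logic: parse an outbound HTTP POST, pull out any multipart part that carries a ZIP archive, and flag archive members whose names are typical of stealer exfil (Passwords.txt and friends). The HTTP request, the boundary, the host name and the SUSPICIOUS_NAMES list are all constructed for the example.

```python
"""Added example (not from the report): flag outbound POSTs whose multipart
body carries a ZIP archive containing stealer-typical filenames.
All traffic here is constructed inline; no real capture is used."""
import io
import re
import zipfile

# Member names Vidar-style stealers are known to put in the exfil archive.
# The list is an assumption for the example; extend it from your own samples.
SUSPICIOUS_NAMES = {"passwords.txt", "information.txt", "cookies.txt"}


def _parse_request(raw: bytes):
    """Split a raw HTTP request into (method, lower-cased headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    method = lines[0].split(b" ", 1)[0].decode("ascii", "replace")
    headers = {}
    for line in lines[1:]:
        k, _, v = line.partition(b":")
        headers[k.strip().lower().decode("latin-1")] = v.strip().decode("latin-1")
    return method, headers, body


def _multipart_parts(body: bytes, content_type: str):
    """Return the body of each multipart part; a non-multipart body is one part."""
    m = re.search(r'boundary="?([^";]+)"?', content_type)
    if not m:
        return [body]
    delim = b"--" + m.group(1).encode("latin-1")
    parts = []
    for chunk in body.split(delim)[1:]:      # [0] is the preamble
        if chunk.startswith(b"--"):          # closing boundary
            break
        _, _, part_body = chunk.partition(b"\r\n\r\n")
        parts.append(part_body.rstrip(b"\r\n"))
    return parts


def zip_member_names(blob: bytes) -> list:
    """Member names if blob is a ZIP archive (local file header magic), else []."""
    if not blob.startswith(b"PK\x03\x04"):
        return []
    try:
        with zipfile.ZipFile(io.BytesIO(blob)) as zf:
            return zf.namelist()
    except zipfile.BadZipFile:
        return []


def inspect_post(raw: bytes) -> list:
    """Return suspicious archive member names found in an outbound POST, or []."""
    method, headers, body = _parse_request(raw)
    if method != "POST":
        return []
    hits = []
    for part in _multipart_parts(body, headers.get("content-type", "")):
        for name in zip_member_names(part):
            if name.rsplit("/", 1)[-1].lower() in SUSPICIOUS_NAMES:
                hits.append(name)
    return hits


def build_stealer_post(member_names, boundary="exampleboundary") -> bytes:
    """Construct a multipart POST that uploads a ZIP with the given members.
    Host and path are placeholders, not indicators from the report."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n in member_names:
            zf.writestr(n, "constructed placeholder content\n")
    body = (
        f"--{boundary}\r\n"
        'Content-Disposition: form-data; name="file"; filename="data.zip"\r\n'
        "Content-Type: application/zip\r\n\r\n"
    ).encode() + buf.getvalue() + f"\r\n--{boundary}--\r\n".encode()
    head = (
        "POST /upload HTTP/1.1\r\n"
        "Host: c2.invalid\r\n"
        f"Content-Type: multipart/form-data; boundary={boundary}\r\n"
        f"Content-Length: {len(body)}\r\n\r\n"
    ).encode()
    return head + body


if __name__ == "__main__":
    req = build_stealer_post(["files/Passwords.txt", "information.txt", "cookies/Chrome.txt"])
    print(inspect_post(req))
```

The check keys on the archive's own member listing rather than on the upload filename, since the outer filename is whatever the stealer chooses; a real sensor would additionally look at the destination and at the request being unsolicited from a non-browser process, which the Suricata alerts do not attempt.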
Signatures
Vidar Stealer (family detection, consistent with the extracted config above)
Downloads MZ/PE file
Loads dropped DLL
Checks installed software on the system: looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart and the HKCU equivalent) to enumerate software on the system.