General
Target: 04db169f29d862c1df029f1097d3524191da7931b6f6bb7baa61abdd8d57569d
Size: 615KB
Sample: 211220-rd11vaage5
MD5: cda44b189cee3ab95aba1dab4eda166b
SHA1: 8afa52478d294d369a578b71a553793e0dd9915c
SHA256: 04db169f29d862c1df029f1097d3524191da7931b6f6bb7baa61abdd8d57569d
SHA512: f1f736818fb3f2b33e36c46ab7175432702c8bed585a53b102e8eca466674144931e704104883759475eb1e9205ead56de9cd9933ae3b11bb182f3d8535de1bf
Static task: static1
Behavioral task: behavioral1
Sample: 04db169f29d862c1df029f1097d3524191da7931b6f6bb7baa61abdd8d57569d.exe
Resource: win7-en-20211208
Malware Config
Extracted
vidar
49.1
903
https://noc.social/@sergeev46
https://c.im/@sergeev47
profile_id: 903
Targets
Target: 04db169f29d862c1df029f1097d3524191da7931b6f6bb7baa61abdd8d57569d
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.