General
Target: abce6e70bea549781dbf4d47fa938ca4969d820754fbfa9b4b09022474bea96a
Size: 418KB
Sample: 211220-rdjrkabeel
MD5: e332f25d76930a3f512763de95f187e3
SHA1: d9ff04c03c9e3de529d7eaf69eef7219df07195f
SHA256: abce6e70bea549781dbf4d47fa938ca4969d820754fbfa9b4b09022474bea96a
SHA512: 595b4953674b7eee85480822d3d15ac11b14271b95406629b2563d5f8b557ca1fc8bac5c23ddb2f09f1b69a4f307be166fb02c7e86ecf30ff9e32208cb96ba3a
Static task: static1
Behavioral task: behavioral1
Sample: abce6e70bea549781dbf4d47fa938ca4969d820754fbfa9b4b09022474bea96a.exe
Resource: win7-en-20211208
Malware Config
Extracted
vidar
32.5
237
http://freedomainsdesign.com/
profile_id: 237
Targets
Target: abce6e70bea549781dbf4d47fa938ca4969d820754fbfa9b4b09022474bea96a
Vidar Stealer

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.