General
-
Target
b91df3382fb792927b7a43f595102a68
-
Size
738KB
-
Sample
220114-e8ae6aece4
-
MD5
b91df3382fb792927b7a43f595102a68
-
SHA1
98fc7fd55800a296405da0c4dcfb4aabba017566
-
SHA256
48c7a0f90aeb87e9ba5feb08b5bedbcb70aacf2632636f71a62e2ffdd551ec98
-
SHA512
900f10fcb648cfc565c3b0a9ccd1f934180a7706cdad3255f2add66395085df53b0158848f04dcb1ad17fd664b83062e5889f2b95d7fd7f842365c649fa725d4
Static task
static1
Behavioral task
behavioral1
Sample
b91df3382fb792927b7a43f595102a68.exe
Resource
win7-en-20211208
Malware Config
Extracted
vidar
49.6
565
https://noc.social/@banda5ker
https://mastodon.social/@banda6ker
-
profile_id
565
Targets
-
Vidar Stealer
-
Downloads MZ/PE file
-
Deletes itself
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.