General
-
Target
e95e733bac49684b353f36eab6699cf2381fe70a24780b5f9c4652aedde765db
-
Size
724KB
-
Sample
220215-frq71sbaf7
-
MD5
30553fda3c478ad34cd131e8c737fcd5
-
SHA1
eca040530afda239c342f7d436d51ebbebe2fb2d
-
SHA256
e95e733bac49684b353f36eab6699cf2381fe70a24780b5f9c4652aedde765db
-
SHA512
13ed294b8ea980304b6fb6354d5e6b50e2188f213b68613c8bf03c7d791544d31c4b90aabec6fdf558e4a43d47627d3e920929a7f3b854102939b30f162996c2
Static task
static1
Behavioral task
behavioral1
Sample
e95e733bac49684b353f36eab6699cf2381fe70a24780b5f9c4652aedde765db.exe
Resource
win7-en-20211208
Malware Config
Extracted
vidar
47.8
937
https://mas.to/@romashkin
-
profile_id
937
Targets
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Vidar Stealer
-