General
-
Target
d5c55582392771d747e99d748d3060c99d329ff826da768c9c0a8b975b739bcb
-
Size
629KB
-
Sample
220215-ggbv1sbde6
-
MD5
c611ab25cb2f384c7349a90c3706c0a9
-
SHA1
3abeb6a762c580a485faff32f3e5d1b1af21bc4d
-
SHA256
d5c55582392771d747e99d748d3060c99d329ff826da768c9c0a8b975b739bcb
-
SHA512
d483c084e09f70fec9bf309f48692c7fbbcc48afc3f6989e41d3fb99e9ed0e7f5130585a5607dc308fac32fa92e2c09edb143611c6835e7aad560dd06e9f147d
Static task
static1
Behavioral task
behavioral1
Sample
d5c55582392771d747e99d748d3060c99d329ff826da768c9c0a8b975b739bcb.exe
Resource
win7-en-20211208
Malware Config
Extracted
vidar
48.3
937
-
profile_id
937
Targets
-
Vidar Stealer
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-