General
Target: 986d8afe1667f71f932278ba2a448b747eb936c39bc32afc243bb1b3ee51f4fe
Size: 721KB
Sample: 220215-jrt6fsdhbm
MD5: 92b961314c40415b0334d4d71a981fac
SHA1: 55643d7f35f5585862221dd9158eba7cc459d013
SHA256: 986d8afe1667f71f932278ba2a448b747eb936c39bc32afc243bb1b3ee51f4fe
SHA512: 0c600e1fa006287d6bbb6b060d0881e345e64123b140d95f973fb5eed5d1a7a9bbc2f5ad72276605a0981b3375d837f6aa00a532000edec24e845d594858a258
Static task: static1
Behavioral task: behavioral1
Sample: 986d8afe1667f71f932278ba2a448b747eb936c39bc32afc243bb1b3ee51f4fe.exe
Resource: win7-en-20211208
Malware Config
Extracted
vidar
47.8
932
https://mas.to/@romashkin
profile_id: 932
Targets
Suspicious use of NtCreateProcessExOtherParentProcess
Vidar Stealer