General
Target: 9356506457dc510ea9bb2743be661106573beb605dc6127bbf0a82b524eb8c88
Size: 3.6MB
Sample: 220215-jya16aceg8
MD5: 81a66564a1a5c2c2b7189681326804aa
SHA1: ac5e9117eea3f03baaf261125492610ec0bbdeb8
SHA256: 9356506457dc510ea9bb2743be661106573beb605dc6127bbf0a82b524eb8c88
SHA512: e445e8a7f61353036ffb8c0b38efb5945411b6c7ff58f7920aa6b9328616da5f1fc87894c6ddf301eaec1226c5ca766d7aaabe3bbe7de4fb6a0a3356e8b513ec
Static task: static1
Behavioral task: behavioral1
Sample: 9356506457dc510ea9bb2743be661106573beb605dc6127bbf0a82b524eb8c88.exe
Resource: win7-en-20211208
Malware Config
Extracted
vidar
48.1
932
https://koyu.space/@rspich
-
profile_id
932
Targets
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Vidar Stealer
-