General
Target: 317e6d0c61edc2d145f8f29a19e1ecee049f6f3cff8decd0f5d8171ab99f9813
Size: 640KB
Sample: 220215-rvjswsfhd6
MD5: 81843d9c10e65eeead6650766ba18d08
SHA1: 618f493341aea26dc4d7c46dae854d5c1d56bcbf
SHA256: 317e6d0c61edc2d145f8f29a19e1ecee049f6f3cff8decd0f5d8171ab99f9813
SHA512: 89a75dcb396ab86a4bb495ed14176b2f0a7b31949fbba02e8cdcb04967595269048dd95683391e16cd431c235ff90d5a62e616ac997cb9f983a7f358dc3dab63
Static task: static1
Behavioral task: behavioral1
Sample: 317e6d0c61edc2d145f8f29a19e1ecee049f6f3cff8decd0f5d8171ab99f9813.exe
Resource: win7-en-20211208
Malware Config
Extracted
vidar
41.6
937
https://mas.to/@lilocc
profile_id: 937
Targets
Target: 317e6d0c61edc2d145f8f29a19e1ecee049f6f3cff8decd0f5d8171ab99f9813
Suspicious use of NtCreateProcessExOtherParentProcess
Vidar Stealer