General
-
Target
d477ad3c2013fd0471729aa76d86474c70abc3b318eafaeac1578d443fe3bdb3
-
Size
682KB
-
Sample
220220-hxcb6ahhd5
-
MD5
36f839a4fb92bb63426ea56622d0f33e
-
SHA1
22a165166f6f87cb70a7aaa0ef8f906c1e0657a6
-
SHA256
d477ad3c2013fd0471729aa76d86474c70abc3b318eafaeac1578d443fe3bdb3
-
SHA512
a0a7b7b7cc986a4901b4f4f4eaa3018fe8ae3fd9a95ad9bf2122ce10fb57651ddefa12c14b8d1050cdc514ae446d5f64c80c6d6fbd9a2104eacc70be671b9fe4
Malware Config
Extracted
vidar
50.2
565
https://c.im/@killern3ax
https://qoto.org/@kill4rnix
-
profile_id
565
Targets
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-