General
-
Target
f700fd436e23d06d5bab9f8063b82bba5ad472cdc8ed5f7cab3bfc4e99f85799
-
Size
634KB
-
Sample
220303-m7fvjsagf6
-
MD5
5d131a92e3334e203f1b5fda3c1a14f1
-
SHA1
ded427c74d607b34994dfec005ed3fd64dee1ee9
-
SHA256
f700fd436e23d06d5bab9f8063b82bba5ad472cdc8ed5f7cab3bfc4e99f85799
-
SHA512
1fefed226605a9f84e1ba46dc9184bb060b4757fcdf3f92db91d1e5faff32b41f92d36defeb35192ef26666b65e5f6d8189196d37c9a78aef6bef2aed90744fc
Static task
static1
Malware Config
Extracted
vidar
50.2
565
https://c.im/@killern3ax
https://qoto.org/@kill4rnix
-
profile_id
565
Targets
-
-
Target
f700fd436e23d06d5bab9f8063b82bba5ad472cdc8ed5f7cab3bfc4e99f85799
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-