General
Target: dfa11feceee8ccba3c361bd547626842b812f95a509f5e8131a31e78a324abd2
Size: 555KB
Sample: 220303-q667wsbdf6
MD5: 80808ecfd3fe752f2930bbf9d3d61843
SHA1: 93625ff9adba8a83188cae3b1665c13d26ec6ae8
SHA256: dfa11feceee8ccba3c361bd547626842b812f95a509f5e8131a31e78a324abd2
SHA512: 0d652e1bf709c54dfcaa2b077be678fdc08737695d6f6f7eee0feb4355e9098930a38903e0b73c87ebeed9cfd7d7eb153f5bb03a1e5e6130a10b007923e43c6a
Static task
static1
Malware Config
Extracted
vidar
50.4
565
https://mastodon.online/@samsa11
https://koyu.space/@samsa2l
profile_id: 565
Targets
Target: dfa11feceee8ccba3c361bd547626842b812f95a509f5e8131a31e78a324abd2
Vidar Stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.