General
Target: 02303a665b7c5e81aaac34d2ff0f98c2da777f6e582603c526536da7d0dd12c9
Size: 484KB
Sample: 220324-xkjm2aheeq
MD5: 32eee49a755cb1b32bc9d713d8c7decd
SHA1: 5d597f46e31d88959062952eeee1f77ac4b4b100
SHA256: 02303a665b7c5e81aaac34d2ff0f98c2da777f6e582603c526536da7d0dd12c9
SHA512: fbe31889ff8d31686e4f28112769b9f7ace526a1422be3d78424f29bc2ef3da11147baa8f85ec190892d5407fe340f373c1db81743c90cbd186315425ed49539
Static task: static1
Behavioral task: behavioral1
Sample: 02303a665b7c5e81aaac34d2ff0f98c2da777f6e582603c526536da7d0dd12c9.exe
Resource: win7-20220310-en
Malware Config
Extracted
vidar
35
754
http://worstyear2020.com/
profile_id: 754
Targets
suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern
Vidar Stealer
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.