General
Target: 9ca8917f05e4aba70e38234b3f9e19ae10e368b7830f2d3147249be9f645823c
Size: 458KB
Sample: 220327-zdfnxacfh6
MD5: 447a0125f5ab6e3299b4ec775eaff7d1
SHA1: 82b318a76b365031095324562444a409336cd507
SHA256: 9ca8917f05e4aba70e38234b3f9e19ae10e368b7830f2d3147249be9f645823c
SHA512: c2420fe1d29ed83c3c494a2a1a560141cc69642331e08d675faa8af466973d93703d3c137a972393afb80cef9edf5ef4034e5479fa9a06dd2ce825ce8176b955
Static task: static1
Behavioral task: behavioral1
Sample: 9ca8917f05e4aba70e38234b3f9e19ae10e368b7830f2d3147249be9f645823c.exe
Resource: win7-20220331-en
Malware Config
Extracted
vidar
34.2
399
http://poolventsystems.com/
profile_id: 399
Targets
Target: 9ca8917f05e4aba70e38234b3f9e19ae10e368b7830f2d3147249be9f645823c
Size: 458KB
MD5: 447a0125f5ab6e3299b4ec775eaff7d1
SHA1: 82b318a76b365031095324562444a409336cd507
SHA256: 9ca8917f05e4aba70e38234b3f9e19ae10e368b7830f2d3147249be9f645823c
SHA512: c2420fe1d29ed83c3c494a2a1a560141cc69642331e08d675faa8af466973d93703d3c137a972393afb80cef9edf5ef4034e5479fa9a06dd2ce825ce8176b955
Vidar Stealer
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.