General
Target: 68500c8b75de9b1d90413e76ff387c83de0baed753ffa20dba6e79a115030a8a
Size: 643KB
Sample: 220330-bqf87sabaj
MD5: f2dc72a4c7b3a3a740d89922e63afde6
SHA1: 11fb502178f2d05070740d4148b2ce2314d7a639
SHA256: 68500c8b75de9b1d90413e76ff387c83de0baed753ffa20dba6e79a115030a8a
SHA512: d3d5c9ebacd8f1af297fffb5ec4bb2c50e716e0e249a15fef07b4d2c27c3d99ea2c84130497d6fad019a80e2d7052e90b1941521e8845c9c3e9c19c11a691983
Static task: static1
Behavioral task: behavioral1
Sample: 68500c8b75de9b1d90413e76ff387c83de0baed753ffa20dba6e79a115030a8a.exe
Resource: win7-20220311-en
Malware Config
Extracted
vidar
34.3
754
http://ps5rent.com/
profile_id: 754
Targets
Target: 68500c8b75de9b1d90413e76ff387c83de0baed753ffa20dba6e79a115030a8a
suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern
-
Vidar Stealer
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-