General
-
Target
4d2aa90eec2827ae5d6e88ec4f9250468e670481e791c01393b44bf1b851e15e
-
Size
402KB
-
Sample
220415-j9a6asgba3
-
MD5
dd7b5b86f468df24c5532e4b03b5d08e
-
SHA1
86053502b43de4177c826925fc1b51fe7dfbaa80
-
SHA256
4d2aa90eec2827ae5d6e88ec4f9250468e670481e791c01393b44bf1b851e15e
-
SHA512
461ae681ac7672ea6392dfd8d18665f420371062f3918c8e3dd56c21535e7eda8ded7c3daa4a2e3a5f57e0eb79812994ed6a18aa27ac0718a96bc45ae7e6a6f5
Static task
static1
Behavioral task
behavioral1
Sample
4d2aa90eec2827ae5d6e88ec4f9250468e670481e791c01393b44bf1b851e15e.exe
Resource
win7-20220414-en
Malware Config
Extracted
vidar
34.1
237
http://nextgentoolkit.com/
-
profile_id
237
Targets
-
-
Target
4d2aa90eec2827ae5d6e88ec4f9250468e670481e791c01393b44bf1b851e15e
-
Vidar Stealer
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-