General

Target: 38d54d276dafe59385a4bdddd8dbef6a5cdfc7afbe75e275ff613274f103afaf
Size: 399KB
Sample: 220519-17f27sfben
MD5: 89d2c921a6cae15b55e162f8ca73e992
SHA1: 0bc50a2a1b28ddfdba49fa773a8587019aa74144
SHA256: 38d54d276dafe59385a4bdddd8dbef6a5cdfc7afbe75e275ff613274f103afaf
SHA512: 349c7c7b5b28103118e90d3a0819f6e4fbdaf019eb0939333643354ae9110689288da95a8a57f8ab90ff09d567ed189710a194f8e7a9bb62a7a373f51564ed56
Static task: static1
Behavioral task: behavioral1
Sample: 38d54d276dafe59385a4bdddd8dbef6a5cdfc7afbe75e275ff613274f103afaf.exe
Resource: win7-20220414-en

Malware Config

Extracted
vidar
52.2
1376
https://t.me/netflixaccsfree
https://mastodon.social/@ronxik12
profile_id: 1376
Targets

Target: 38d54d276dafe59385a4bdddd8dbef6a5cdfc7afbe75e275ff613274f103afaf
Size: 399KB
MD5: 89d2c921a6cae15b55e162f8ca73e992
SHA1: 0bc50a2a1b28ddfdba49fa773a8587019aa74144
SHA256: 38d54d276dafe59385a4bdddd8dbef6a5cdfc7afbe75e275ff613274f103afaf
SHA512: 349c7c7b5b28103118e90d3a0819f6e4fbdaf019eb0939333643354ae9110689288da95a8a57f8ab90ff09d567ed189710a194f8e7a9bb62a7a373f51564ed56

suricata: ET MALWARE Vidar/Arkei/Megumin Stealer Keywords Retrieved
-
suricata: ET MALWARE W32/Agent.OGR!tr.pws Stealer

Vidar Stealer
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.