General
Target: 51fda686a2702205373d05e4fa414c0dd78cec4a639f118cfd42dd598483bf5b
Size: 1.4MB
Sample: 220520-hpsdeaefg3
MD5: 527dfd8be2507b6ff19edd7da120d078
SHA1: d08565e68cb79a3efcf0ab8d0ad6389f2b948d4c
SHA256: 51fda686a2702205373d05e4fa414c0dd78cec4a639f118cfd42dd598483bf5b
SHA512: 96d340a7e965fa49d22b5b818b9fa6e483b9de2c7730dbd9d4394e7db7aea5c8a3b52ace92c015665048a61234d9cbc5db089f86cebaaa5c9bba2d88299a097f
Static task: static1
Behavioral task: behavioral1
Sample: 51fda686a2702205373d05e4fa414c0dd78cec4a639f118cfd42dd598483bf5b.exe
Resource: win7-20220414-en
Malware Config
Extracted: vidar, 52.2, 1326
URLs:
- https://t.me/netflixaccsfree
- https://mastodon.social/@ronxik12
profile_id: 1326
Targets
Target: 51fda686a2702205373d05e4fa414c0dd78cec4a639f118cfd42dd598483bf5b (size and hashes as listed under General above)
- suricata: ET MALWARE Vidar/Arkei/Megumin Stealer Keywords Retrieved
- suricata: ET MALWARE W32/Agent.OGR!tr.pws Stealer
- Vidar Stealer
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext