General
-
Target
12587c1b10db42589b5b5cf8c14198752c6807d0480fac55e024210d0b915285
-
Size
555KB
-
Sample
220603-t5svnagbhl
-
MD5
8908e1556eaa543261fbadbea56ad2e9
-
SHA1
8da4f5d3c1059a3f256ac64a4da0909913c9d123
-
SHA256
12587c1b10db42589b5b5cf8c14198752c6807d0480fac55e024210d0b915285
-
SHA512
19dc971087a9ba0c282032d4eaa99f459e0d475a25ec231773c397f544f819f849c860d3bc590d8fe9a06d29dde833c469bcaacbdf32271c9fb2bb2fd761b7f6
Behavioral task
behavioral1
Sample
12587c1b10db42589b5b5cf8c14198752c6807d0480fac55e024210d0b915285.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
12587c1b10db42589b5b5cf8c14198752c6807d0480fac55e024210d0b915285.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
vidar
7.7
93
http://search.ac.ug/
-
profile_id
93
Targets
-
-
Target
12587c1b10db42589b5b5cf8c14198752c6807d0480fac55e024210d0b915285
-
Size
555KB
-
MD5
8908e1556eaa543261fbadbea56ad2e9
-
SHA1
8da4f5d3c1059a3f256ac64a4da0909913c9d123
-
SHA256
12587c1b10db42589b5b5cf8c14198752c6807d0480fac55e024210d0b915285
-
SHA512
19dc971087a9ba0c282032d4eaa99f459e0d475a25ec231773c397f544f819f849c860d3bc590d8fe9a06d29dde833c469bcaacbdf32271c9fb2bb2fd761b7f6
Score10/10-
suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern
suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-