General
- Target: 22d4fc482bcc4118267ef5dec980de12c96b5911249b3b2b954358ccdd99c02c
- Size: 556KB
- Sample: 220612-d8w4gsghe7
- MD5: 2b77ea887092ec3b0ce2704c138ce33b
- SHA1: 2fb7c8a6f2fd683378179c1535003fda3eb2e819
- SHA256: 22d4fc482bcc4118267ef5dec980de12c96b5911249b3b2b954358ccdd99c02c
- SHA512: 0fb055a6c1f75603abf511996de4197ff9d09a008f1fe0450f03a25057d910d2e07f3559001d615d1b639dabdde33fbd1f16aa27fda90cd6c521d96a09b7e61c
Behavioral task
- Task: behavioral1
- Sample: 22d4fc482bcc4118267ef5dec980de12c96b5911249b3b2b954358ccdd99c02c.exe
- Resource: win7-20220414-en
Malware Config
Extracted
- Family: vidar
- Version: 6.5
- Botnet: 237
- C2: http://yourseo.ac.ug/
- profile_id: 237
Targets
- Target: 22d4fc482bcc4118267ef5dec980de12c96b5911249b3b2b954358ccdd99c02c
- suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP.