General
-
Target
c5cf8259812fa98f5879d176fb6cc0079481290fe3cd6a389925847e54336e76
-
Size
559KB
-
Sample
220701-e1th3adga7
-
MD5
8664a770ca28eb9803452cd87b53eb3c
-
SHA1
884e729e7b1c1a07c2a1c0403be483f5a4cd957e
-
SHA256
c5cf8259812fa98f5879d176fb6cc0079481290fe3cd6a389925847e54336e76
-
SHA512
32741a6abccebb750d2326116fd02d33f28cfa7d7a7435a3ba56908bb4365214f8d53196607109da6eb0bef7fd497e5aaba951f4c917ceacd195bd2b8a77f61e
Behavioral task
behavioral1
Sample
c5cf8259812fa98f5879d176fb6cc0079481290fe3cd6a389925847e54336e76.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
c5cf8259812fa98f5879d176fb6cc0079481290fe3cd6a389925847e54336e76.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
vidar
7.7
93
http://search.ac.ug/
-
profile_id
93
Targets
-
-
Target
c5cf8259812fa98f5879d176fb6cc0079481290fe3cd6a389925847e54336e76
-
Size
559KB
-
MD5
8664a770ca28eb9803452cd87b53eb3c
-
SHA1
884e729e7b1c1a07c2a1c0403be483f5a4cd957e
-
SHA256
c5cf8259812fa98f5879d176fb6cc0079481290fe3cd6a389925847e54336e76
-
SHA512
32741a6abccebb750d2326116fd02d33f28cfa7d7a7435a3ba56908bb4365214f8d53196607109da6eb0bef7fd497e5aaba951f4c917ceacd195bd2b8a77f61e
Score10/10-
suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern
suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-