General
-
Target
b0788093ab423639aefac4eb31d8a2d1.exe
-
Size
393KB
-
Sample
220702-zxqcfshhgl
-
MD5
b0788093ab423639aefac4eb31d8a2d1
-
SHA1
35d5bfc9f3ff67a50558fccbe8b2c45eead03661
-
SHA256
6e20db9320c1902cff4324891402a7ab38fdf118131c69a3e47578589efc130d
-
SHA512
7cb35b890646e099fab47b1581e9c2acd5daae29e9b1788a1815496a51983aefacbad360be49be26cdc6787d36c9e5e2032b9571b5be3154ac1995ec456da758
Static task
static1
Behavioral task
behavioral1
Sample
b0788093ab423639aefac4eb31d8a2d1.exe
Resource
win7-20220414-en
Malware Config
Extracted
vidar
53
937
https://t.me/ch_inagroup
https://mastodon.social/@olegf9844e
-
profile_id
937
Targets
-
-
Target
b0788093ab423639aefac4eb31d8a2d1.exe
-
Size
393KB
-
MD5
b0788093ab423639aefac4eb31d8a2d1
-
SHA1
35d5bfc9f3ff67a50558fccbe8b2c45eead03661
-
SHA256
6e20db9320c1902cff4324891402a7ab38fdf118131c69a3e47578589efc130d
-
SHA512
7cb35b890646e099fab47b1581e9c2acd5daae29e9b1788a1815496a51983aefacbad360be49be26cdc6787d36c9e5e2032b9571b5be3154ac1995ec456da758
-
suricata: ET MALWARE Vidar/Arkei/Megumin Stealer Keywords Retrieved
suricata: ET MALWARE Vidar/Arkei/Megumin Stealer Keywords Retrieved
-
suricata: ET MALWARE W32/Agent.OGR!tr.pws Stealer
suricata: ET MALWARE W32/Agent.OGR!tr.pws Stealer
-
Vidar Stealer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-