General
Target: 5541502d09ad65ecc21f1896d27b82c1b6f45fa8c3203974ab1103d79fe9a9d8
Size: 441KB
Sample: 220706-tanbpagfb5
MD5: 3568033d3be14e5ff29e7c6109090dd5
SHA1: bd3551d1646c7ca5bb372add25fc153394812a3d
SHA256: 5541502d09ad65ecc21f1896d27b82c1b6f45fa8c3203974ab1103d79fe9a9d8
SHA512: 5d154aa05f99ebb15f49f87151b71bb455ca222ec63035005e0de4530c105106160fa491f4c1392f6b0afcf2b0c76eca97e45a96b45d1af860ec854602c13007
Static task: static1

Malware Config
Extracted: vidar
Version: 53.1
Botnet: 1519
C2 (profile sources):
- https://t.me/tg_dailyrunnings
- https://mastodon.online/@olegf9844g
profile_id: 1519
Targets
Target: 5541502d09ad65ecc21f1896d27b82c1b6f45fa8c3203974ab1103d79fe9a9d8
Size: 441KB
MD5: 3568033d3be14e5ff29e7c6109090dd5
SHA1: bd3551d1646c7ca5bb372add25fc153394812a3d
SHA256: 5541502d09ad65ecc21f1896d27b82c1b6f45fa8c3203974ab1103d79fe9a9d8
SHA512: 5d154aa05f99ebb15f49f87151b71bb455ca222ec63035005e0de4530c105106160fa491f4c1392f6b0afcf2b0c76eca97e45a96b45d1af860ec854602c13007
Detections
- suricata: ET MALWARE W32/Agent.OGR!tr.pws Stealer
- Vidar Stealer
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.