General
- Target: 23cf35ddb4614a333f70d9fec4a97ad02d6e2bbb8c6504d176e2a9e8c6be1357
- Size: 350KB
- Sample: 220707-f7da4adfgm
- MD5: 4de2ae09d2e79bd14e38ba9f100010a4
- SHA1: 669b2b984eafb2f4593a4df87a35e9661c570877
- SHA256: 23cf35ddb4614a333f70d9fec4a97ad02d6e2bbb8c6504d176e2a9e8c6be1357
- SHA512: cd6ab8478676fb84a3c405250e74d7e10d664ad26ab02974b0472ab384f41598eee87afe76d02137e46cec63684c8ee32b9cfc02f257a5e3930a981a99251d2d
Static task: static1
Malware Config
- Extracted: vidar
- 53.1
- 1519
- https://t.me/tg_dailyrunnings
- https://mastodon.online/@olegf9844g
- profile_id: 1519
Targets
- Target: 23cf35ddb4614a333f70d9fec4a97ad02d6e2bbb8c6504d176e2a9e8c6be1357
- Size: 350KB
- MD5: 4de2ae09d2e79bd14e38ba9f100010a4
- SHA1: 669b2b984eafb2f4593a4df87a35e9661c570877
- SHA256: 23cf35ddb4614a333f70d9fec4a97ad02d6e2bbb8c6504d176e2a9e8c6be1357
- SHA512: cd6ab8478676fb84a3c405250e74d7e10d664ad26ab02974b0472ab384f41598eee87afe76d02137e46cec63684c8ee32b9cfc02f257a5e3930a981a99251d2d
- suricata: ET MALWARE W32/Agent.OGR!tr.pws Stealer
- Vidar Stealer
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.