General
Target: b0a671b7efd31ef626581aef4be6af4e3c9a7a840b6959ad66ffee186354f862
Size: 557KB
Sample: 220724-z4xecaghcn
MD5: 885a469df9346a97e0e4dc82a0e5dbe7
SHA1: 0c43af591710b049749428d00f100eeb07db091b
SHA256: b0a671b7efd31ef626581aef4be6af4e3c9a7a840b6959ad66ffee186354f862
SHA512: 51fe933b476da96d36ed57f77433b3f3ff141935428f11ea4b1c87fc558795db8344d0eaa6faf41e7994dd14646306aafd770f429ec70e40f634ddbf4ce82011
Behavioral task: behavioral1
Sample: b0a671b7efd31ef626581aef4be6af4e3c9a7a840b6959ad66ffee186354f862.exe
Resource: win7-20220718-en
Behavioral task: behavioral2
Sample: b0a671b7efd31ef626581aef4be6af4e3c9a7a840b6959ad66ffee186354f862.exe
Resource: win10v2004-20220721-en
Malware Config
Extracted: vidar
7.7
93
http://search.ac.ug/
profile_id: 93
Score: 10/10
suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.