General
-
Target
c160cb769bfb707ff6767ab01991c4cc108faae8fd550c8691fc95d21365b136
-
Size
557KB
-
Sample
220725-e8qgdafbal
-
MD5
033c29be1dfc36591fbd7504a226a218
-
SHA1
50ebe18622f19e87bdf2f40d95fbab1872139307
-
SHA256
c160cb769bfb707ff6767ab01991c4cc108faae8fd550c8691fc95d21365b136
-
SHA512
0d2d282b85899054a0ba284203488ed1cca7ef54a5d92d2a3301e15e720edd91837bd5049160cf85b7fa712534bc245fd69c0d8b4672d8c7ef4381b11a6c5d97
Behavioral task
behavioral1
Sample
c160cb769bfb707ff6767ab01991c4cc108faae8fd550c8691fc95d21365b136.exe
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
c160cb769bfb707ff6767ab01991c4cc108faae8fd550c8691fc95d21365b136.exe
Resource
win10v2004-20220721-en
Malware Config
Extracted
vidar
7.7
93
http://search.ac.ug/
-
profile_id
93
Targets
-
-
Target
c160cb769bfb707ff6767ab01991c4cc108faae8fd550c8691fc95d21365b136
-
Size
557KB
-
MD5
033c29be1dfc36591fbd7504a226a218
-
SHA1
50ebe18622f19e87bdf2f40d95fbab1872139307
-
SHA256
c160cb769bfb707ff6767ab01991c4cc108faae8fd550c8691fc95d21365b136
-
SHA512
0d2d282b85899054a0ba284203488ed1cca7ef54a5d92d2a3301e15e720edd91837bd5049160cf85b7fa712534bc245fd69c0d8b4672d8c7ef4381b11a6c5d97
Score10/10-
suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern
suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-