General
- Target: 6706a58566975b9cbee564ccd83c293b681e7285d3e27089230e9e4441be4125
- Size: 11.4MB
- Sample: 220924-1xgkzscbd6
- MD5: 955ae05e966a84b8d258b9ec41a68b12
- SHA1: bcf7e805d033e2df0534f3bd90c81c788050f780
- SHA256: 6706a58566975b9cbee564ccd83c293b681e7285d3e27089230e9e4441be4125
- SHA512: 929d64d22304f4f8b68861ee0aae6f2c8fd09a3ccf10764fef0a414b5c75c0f1fd9b8a1fc74dffbac340843283926d12d7c14bdf31e577fe7e65eee56b36de9e
- SSDEEP: 196608:i4QSbg8A/X2taX96wsnGnY4cvaixkMZoi0hOXXrpGNDKr8:iUh8i8
Static task
- static1

Malware Config
Extracted
- vidar
- 54.6
- 1680
- https://t.me/huobiinside
- https://mas.to/@kyriazhs1975
- profile_id: 1680
Targets
- Target: 6706a58566975b9cbee564ccd83c293b681e7285d3e27089230e9e4441be4125
- Size: 11.4MB
- MD5: 955ae05e966a84b8d258b9ec41a68b12
- SHA1: bcf7e805d033e2df0534f3bd90c81c788050f780
- SHA256: 6706a58566975b9cbee564ccd83c293b681e7285d3e27089230e9e4441be4125
- SHA512: 929d64d22304f4f8b68861ee0aae6f2c8fd09a3ccf10764fef0a414b5c75c0f1fd9b8a1fc74dffbac340843283926d12d7c14bdf31e577fe7e65eee56b36de9e
- SSDEEP: 196608:i4QSbg8A/X2taX96wsnGnY4cvaixkMZoi0hOXXrpGNDKr8:iUh8i8
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext