General
- Target: 3deeb4aeff0f7f95b214fc53c1937f12.exe
- Size: 11.4MB
- Sample: 220925-hx8eladfh6
- MD5: 3deeb4aeff0f7f95b214fc53c1937f12
- SHA1: be37a1bf42682f8ae9432661e0cf174176953839
- SHA256: acd478880086402aaaeea0f106d0f37790ee6775ff6d3e398fb4fcdf26f622b4
- SHA512: d5f56285c705238429a610746a7b6a2cbb7481a269a50d5c5c221cc518d6aad47572ad5c1b5b7aacbbaab0fd49f15135e7983006e3e09619471d33d34729b1b8
- SSDEEP: 98304:gSJHInsbfKlCfhXjrRjIhBMHJDOgfLXoyEfOpV5FKk+s+vsuVdSym0l/JIaU7bjK:VbfK0IhcRhLjSk2VAiPAoNhBDypVevv
- Static task: static1
- Behavioral task: behavioral1
- Sample: 3deeb4aeff0f7f95b214fc53c1937f12.exe
- Resource: win7-20220812-en
Malware Config
Extracted
vidar
54.6
1680
https://t.me/huobiinside
https://mas.to/@kyriazhs1975
- profile_id: 1680
Targets
- Target: 3deeb4aeff0f7f95b214fc53c1937f12.exe
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext