General
Target: 7a2a40b536d4cc69886636cfee52eda36c84b8ef3aacef5d45ac599610a81dab
Size: 11.4MB
Sample: 220926-eyshzshde2
MD5: 158d9316aec4349870263c7822c416ac
SHA1: d7f09e7682a0bf2ff225171ab9aed702ea0471e5
SHA256: 7a2a40b536d4cc69886636cfee52eda36c84b8ef3aacef5d45ac599610a81dab
SHA512: a229379ae8dbe8c3b8faee1deb8f3e7559004f1150b2ce4bab6ea51ec27e19dd66251bf24f659cdb378fe8994557324c693fbe2b927843988b50955bd70688ea
SSDEEP: 98304:WlXW+rqJ0Qjbfg8WykZwLTG+yFiE0AcBUie6duGUajfTtEISfM3PdZFJFtvq7pef:WGVggIwZlIXajNPTFJirgxRChvA1qU
Static task: static1
Malware Config
Extracted
vidar
54.6
1680
https://t.me/huobiinside
https://mas.to/@kyriazhs1975
profile_id: 1680
Targets
Target: 7a2a40b536d4cc69886636cfee52eda36c84b8ef3aacef5d45ac599610a81dab
Size: 11.4MB
MD5: 158d9316aec4349870263c7822c416ac
SHA1: d7f09e7682a0bf2ff225171ab9aed702ea0471e5
SHA256: 7a2a40b536d4cc69886636cfee52eda36c84b8ef3aacef5d45ac599610a81dab
SHA512: a229379ae8dbe8c3b8faee1deb8f3e7559004f1150b2ce4bab6ea51ec27e19dd66251bf24f659cdb378fe8994557324c693fbe2b927843988b50955bd70688ea
SSDEEP: 98304:WlXW+rqJ0Qjbfg8WykZwLTG+yFiE0AcBUie6duGUajfTtEISfM3PdZFJFtvq7pef:WGVggIwZlIXajNPTFJirgxRChvA1qU
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext