General
-
Target
2231160e71faf8674b8efc0cedf3384db3acc5d66f0276c76b18c7cb5f842ce0_unpacked.exe
-
Size
280KB
-
Sample
220926-kd568sbcbm
-
MD5
2bc296129698df69531a64b0911e2b6c
-
SHA1
c9c5cff6a7e700139d471b0116e12ea0bb17e98e
-
SHA256
595de5a664edf353ccca6e9e50899774eedf4733f1931b0e6e370d866de3e55a
-
SHA512
a5fdd3ecdc6ae4efa24d51668bdbdfc2609313f3d674a4546bb7e0a66d734b4e6fddf262802698628fba24271d4fbad9c20859f1ff8972169218bbd493d024c8
-
SSDEEP
6144:3NyBcukd1tiFqgFGI4pT2GI7DUiySpxQRqViGe:dyrmDiF3FuqDUiySGqVd
Behavioral task
behavioral1
Sample
2231160e71faf8674b8efc0cedf3384db3acc5d66f0276c76b18c7cb5f842ce0_unpacked.exe
Resource
win7-20220812-en
Malware Config
Extracted
vidar
54.6
1672
https://t.me/huobiinside
https://mas.to/@kyriazhs1975
-
profile_id
1672
Targets
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-