General

Target: 9824cbd1f17ca98049d3e69bbd9b0e137d7eb13beb51e333bcb737e45d0a5d0e
Size: 669KB
Sample: 220926-nq7glsafc4
MD5: 74fd5ef3c9138f9b2aefc26cf715f9f9
SHA1: e9adc08cb9304c5ed51af585b3e68ab211d61c6b
SHA256: 9824cbd1f17ca98049d3e69bbd9b0e137d7eb13beb51e333bcb737e45d0a5d0e
SHA512: f2fbb450ff6efbc4051b5e060c3eebb9dc439c18dd77c4ee8149b4ac80aeb9b7a4fb34d6fe6c96176ebfc9898df88795d679eafef984b844a3720359d390bc35
SSDEEP: 6144:2QcBjz1yLJ/RzdeeMeGlsK7Sd7SEmGva9pqPQ1W2wkW7mYiV5t:jaOZUj7MOE9v1KW7Tid
Static task: static1

Malware Config (extracted)

Family: vidar
Version: 54.6
Profile ID: 1680
C2 resolver URLs: https://t.me/huobiinside, https://mas.to/@kyriazhs1975

Vidar does not embed its C2 server address directly; it fetches public profile pages (here a Telegram channel and a Mastodon account) and reads the live C2 address out of them. The hostnames t.me and mas.to are legitimate services, so blocking or hunting on the host alone is not viable; match on the full URL path.
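The following is an added example and not part of the sandbox report. It turns the extracted config above into a structured IOC record and hunts for the two resolver URLs in proxy logs, matching on host and exact path rather than hostname. The indicator values are copied from the report; the proxy log format, the log lines and the function names are assumptions made for this example.

```python
"""Added example, not part of the sandbox report: build a structured IOC record
from the extracted Vidar config and hunt for the C2 resolver URLs in proxy
logs.  Indicator values are copied from the report; the log lines and log
format below are constructed for illustration."""
import json
from urllib.parse import urlsplit

# Indicator values copied from the report's "Malware Config" and hash fields.
VIDAR_CONFIG = {
    "family": "vidar",
    "version": "54.6",
    "profile_id": "1680",
    "resolver_urls": [
        "https://t.me/huobiinside",
        "https://mas.to/@kyriazhs1975",
    ],
}
SAMPLE_HASHES = {
    "md5": "74fd5ef3c9138f9b2aefc26cf715f9f9",
    "sha1": "e9adc08cb9304c5ed51af585b3e68ab211d61c6b",
    "sha256": "9824cbd1f17ca98049d3e69bbd9b0e137d7eb13beb51e333bcb737e45d0a5d0e",
}


def normalize_url(url: str) -> tuple:
    """Return (host, path) with the host lower-cased and the path stripped of a
    trailing slash, so the IOC form and whatever the proxy logged compare equal."""
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").lower()
    path = parts.path.rstrip("/") or "/"
    return host, path


def resolver_iocs(config: dict) -> dict:
    """Map each resolver host to the exact profile paths the config points at.
    t.me and mas.to are legitimate services, so the hostname alone is not an
    indicator; only the host+path pair is."""
    iocs = {}
    for url in config["resolver_urls"]:
        host, path = normalize_url(url)
        iocs.setdefault(host, set()).add(path)
    return iocs


def hunt_proxy_log(lines, config: dict) -> list:
    """Scan whitespace-separated proxy log lines (assumed format:
    '<timestamp> <client_ip> <method> <url> <status>') and return one hit per
    request whose host AND path match a resolver URL from the config."""
    iocs = resolver_iocs(config)
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) < 5:
            continue  # malformed or truncated line: skip rather than guess
        timestamp, client_ip, _method, url, _status = fields[:5]
        host, path = normalize_url(url)
        if path in iocs.get(host, ()):
            hits.append({
                "timestamp": timestamp,
                "client_ip": client_ip,
                "url": url,
                "matched_resolver": "https://%s%s" % (host, path),
                "family": config["family"],
                "version": config["version"],
                "profile_id": config["profile_id"],
            })
    return hits


def ioc_record(config: dict, hashes: dict) -> str:
    """Serialise the indicators as JSON for sharing with other analysts."""
    return json.dumps({"config": config, "hashes": hashes}, indent=2, sort_keys=True)


# Constructed proxy log lines (not from the report).  Only the first two
# requests hit the exact resolver paths; the next two touch the same hosts
# but different pages and must not fire, and the last line is malformed.
CONSTRUCTED_PROXY_LOG = [
    "2022-09-26T10:01:02Z 10.0.0.23 GET https://t.me/huobiinside 200",
    "2022-09-26T10:01:09Z 10.0.0.23 GET https://MAS.TO/@kyriazhs1975/ 200",
    "2022-09-26T10:05:40Z 10.0.0.41 GET https://t.me/some_other_channel 200",
    "2022-09-26T10:06:12Z 10.0.0.41 GET https://mas.to/about 200",
    "garbage line",
]

if __name__ == "__main__":
    for hit in hunt_proxy_log(CONSTRUCTED_PROXY_LOG, VIDAR_CONFIG):
        print(hit["timestamp"], hit["client_ip"], "->", hit["matched_resolver"])
    print(ioc_record(VIDAR_CONFIG, SAMPLE_HASHES))
```

A hit on one of these paths is worth more than a generic "visited t.me" alert, and a host that fetched both profiles within seconds is a strong candidate for the infection described here.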
Targets

Target: 9824cbd1f17ca98049d3e69bbd9b0e137d7eb13beb51e333bcb737e45d0a5d0e
Size: 669KB
Signatures

- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate installed software. Benign inventory and installer tooling reads the same keys, so treat this as corroborating context for the stealer behaviour rather than a detection on its own.
- Suspicious use of SetThreadContext: overwriting a thread's context is the execution-redirection step used by process hollowing and similar injection techniques.