General
Target: 1beaef74306bbdd4be8b54bc51cc89df09ab313ce0a2c1a60342b109ab850912
Size: 669KB
Sample: 220926-nr678safc7
MD5: f3b8073c759e649cec9978db8454f3cc
SHA1: 2a4163302f08f7beb7461c9fc99bea1103ddcd34
SHA256: 1beaef74306bbdd4be8b54bc51cc89df09ab313ce0a2c1a60342b109ab850912
SHA512: fa65e4f3e01f6d0a2b5e3875e61e996588f055c2e4ace845554af2273771b2b3ed1e7c548e164c5827060e2cf955f8b6f4699383e1bb1a54c2030fc0254416c6
SSDEEP: 6144:vgcBjz77P/xF/eeMeGlsK7Sd7SEmGva9pqPQ1W2waW7mYiVO0B:oan3Ij7MOE9v1oW7TiU

Static task: static1
Malware Config
Extracted
Family: vidar
Version: 54.6
Botnet: 1680
C2: https://t.me/huobiinside, https://mas.to/@kyriazhs1975
Attributes: profile_id 1680

The two URLs listed as C2 are dead-drop resolvers, not the command-and-control server itself. Vidar requests the Telegram channel page or the Mastodon profile and reads its real C2 address out of the profile description, which lets the operator rotate the server without rebuilding the sample. Block and hunt on the resolved address as well as on these two profiles, and expect the resolved address to change over time.
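The extracted configuration above, worked through as an added example that is not the sandbox's own code: it normalises the flattened family/version/botnet/URL/attribute lines into one record, sanity-checks the hash values from the General section, and shows the dead-drop resolution step on a constructed profile page. The field order is taken from the report's own layout; the pipe-delimited description format and the 203.0.113.7 address are assumptions for illustration, since the report does not give the resolved C2.

```python
"""Added example, not part of the sandbox report: normalise the extracted
Vidar configuration into a structured IOC record, sanity-check the file
hashes, and pull the real C2 out of a dead-drop profile page."""
import re

# Values copied from the report's General section.
REPORT_HASHES = {
    "md5": "f3b8073c759e649cec9978db8454f3cc",
    "sha1": "2a4163302f08f7beb7461c9fc99bea1103ddcd34",
    "sha256": "1beaef74306bbdd4be8b54bc51cc89df09ab313ce0a2c1a60342b109ab850912",
    "sha512": "fa65e4f3e01f6d0a2b5e3875e61e996588f055c2e4ace845554af2273771b2b3"
              "ed1e7c548e164c5827060e2cf955f8b6f4699383e1bb1a54c2030fc0254416c6",
}
# The config block exactly as the report flattens it: family, version,
# botnet, C2 URLs, then key/value attribute pairs.
REPORT_CONFIG_LINES = ["vidar", "54.6", "1680", "https://t.me/huobiinside",
                       "https://mas.to/@kyriazhs1975", "profile_id", "1680"]
HEX_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def validate_hashes(hashes):
    """Return the names of hashes that are missing, wrong length, or not lowercase hex."""
    bad = []
    for name, expected in HEX_LENGTHS.items():
        value = hashes.get(name, "")
        if len(value) != expected or not re.fullmatch(r"[0-9a-f]+", value):
            bad.append(name)
    return bad


def parse_vidar_config(lines):
    """Map the flattened report layout onto named fields."""
    family, version, botnet, *rest = lines
    urls = [line for line in rest if line.startswith(("http://", "https://"))]
    attr_lines = [line for line in rest if line not in urls]
    attributes = dict(zip(attr_lines[0::2], attr_lines[1::2]))
    return {"family": family, "version": version, "botnet": botnet,
            "dead_drops": urls, "attributes": attributes}


# Assumption, not stated by the report: the resolver profile's description
# carries the C2 between pipe characters, e.g. "|http://203.0.113.7/|".
# Other builds use other delimiters; adjust the pattern to what you observe.
DEAD_DROP_RE = re.compile(r"\|\s*(https?://[^\s|<>]+)\s*\|")


def extract_c2(profile_html):
    """Return every pipe-delimited URL found in a fetched profile page."""
    return DEAD_DROP_RE.findall(profile_html)


# Constructed stand-in for a fetched Mastodon profile page (203.0.113.0/24 is TEST-NET-3).
CONSTRUCTED_PROFILE = (
    '<html><head><meta property="og:description" '
    'content="crypto enthusiast |http://203.0.113.7/| DMs open"></head>'
    "<body>...</body></html>"
)

if __name__ == "__main__":
    print(validate_hashes(REPORT_HASHES))              # [] when all four are well-formed
    print(parse_vidar_config(REPORT_CONFIG_LINES))
    print(extract_c2(CONSTRUCTED_PROFILE))             # ['http://203.0.113.7/']
```

In practice the profile fetch is done from an isolated host with the same User-Agent the sample uses, and the resolved address is recorded alongside the profile URL with a timestamp, because the operator can edit the description at any time.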
Targets
Target: 1beaef74306bbdd4be8b54bc51cc89df09ab313ce0a2c1a60342b109ab850912 (669KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General above)
Signatures
Loads dropped DLL: the process loads a DLL that was written to disk during the run rather than one already present on the system. For an infostealer this is usually a helper library fetched after launch, so the loaded file and its download source belong in the indicator list even though the report does not name them.
Accesses cryptocurrency files/wallets, possible credential harvesting: the sample opens files under wallet application directories. Expected for this family; the paths touched tell you which wallets the build targets.
Checks installed software on the system: looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its Wow6432Node mirror) to enumerate installed software. Vidar includes this inventory in the system information it exfiltrates. A single lookup of this key is normal for installers; a walk over every subkey by a process that is not an installer is the signal.
Suspicious use of SetThreadContext: rewriting another thread's context is the step that redirects execution in process hollowing and similar injection. On its own the API is also used by debuggers, so confirm the surrounding sequence (process created suspended, memory written into it, SetThreadContext, ResumeThread) before treating it as injection.
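The four signatures above, restated as detection logic over a constructed API-call trace; this is an added example, not the sandbox's signature code. The event shapes, the resolved registry paths, the svchost.exe target and the dropped file name are assumptions for illustration. The point is that SetThreadContext only becomes a hollowing indicator inside the suspended-create, WriteProcessMemory, ResumeThread sequence, and that one Uninstall lookup is not an inventory sweep.

```python
"""Added example, not part of the sandbox report: replay the four behaviours the
report flags over a constructed API-call trace, so each signature's trigger
condition is explicit rather than a one-line label."""
import re

# Registry path the 'checks installed software' signature keys on (Wow6432Node mirror included).
UNINSTALL_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)", re.I)
# A few well-known wallet locations; extend this for your environment.
WALLET_PATHS = re.compile(
    r"(\\Exodus\\|\\Electrum\\|\\Ethereum\\keystore|\\Monero\\|\\Ledger Live\\|wallet\.dat$)", re.I)
# Directories from which a freshly written DLL counts as "dropped".
DROP_DIRS = re.compile(r"^(C:\\Users\\[^\\]+\\AppData\\(Local\\Temp|Roaming)\\|C:\\ProgramData\\)", re.I)
CREATE_SUSPENDED = 0x4
# Order of calls that turns a lone SetThreadContext into a hollowing pattern.
HOLLOW_CHAIN = ("WriteProcessMemory", "SetThreadContext", "ResumeThread")


def analyse(trace, enum_threshold=3):
    """Return the set of signature names that fire on a list of {'api', 'args'} events."""
    findings = set()
    uninstall_enums = 0
    written = set()      # paths the sample wrote during the run
    suspended = {}       # child pid -> position reached in HOLLOW_CHAIN
    for ev in trace:
        api, args = ev["api"], ev["args"]
        path = args.get("path", "")
        if api == "RegEnumKeyExW" and UNINSTALL_KEY.search(args.get("key", "")):
            uninstall_enums += 1
        elif api in ("WriteFile", "NtWriteFile"):
            written.add(path.lower())
        elif api == "LoadLibraryW" and path.lower() in written and DROP_DIRS.match(path):
            findings.add("loads_dropped_dll")
        elif api in ("CreateFileW", "NtCreateFile", "FindFirstFileW") and WALLET_PATHS.search(path):
            findings.add("wallet_access")
        elif api == "CreateProcessW" and args.get("flags", 0) & CREATE_SUSPENDED:
            suspended[args["child_pid"]] = 0
        elif api in HOLLOW_CHAIN:
            target = args.get("target_pid")
            if target in suspended and HOLLOW_CHAIN[suspended[target]] == api:
                suspended[target] += 1
                if suspended[target] == len(HOLLOW_CHAIN):
                    findings.add("process_hollowing")
    # One Uninstall lookup is normal (installers do it); a walk over the key is inventory.
    if uninstall_enums >= enum_threshold:
        findings.add("software_inventory")
    return findings


UNINSTALL = "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall"
# Constructed trace in the shape of a sandbox API log. The resolved key paths,
# the wallet path, the DLL name and the target process are illustrative only.
STEALER_TRACE = [
    {"api": "RegOpenKeyExW", "args": {"key": UNINSTALL}},
    *[{"api": "RegEnumKeyExW", "args": {"key": UNINSTALL, "index": i}} for i in range(3)],
    {"api": "CreateFileW", "args": {"path": "C:\\Users\\victim\\AppData\\Roaming\\Exodus\\exodus.wallet\\seed.seco"}},
    {"api": "WriteFile", "args": {"path": "C:\\ProgramData\\sqlite3.dll"}},
    {"api": "LoadLibraryW", "args": {"path": "C:\\ProgramData\\sqlite3.dll"}},
    {"api": "CreateProcessW", "args": {"path": "C:\\Windows\\System32\\svchost.exe",
                                      "flags": CREATE_SUSPENDED, "child_pid": 4242}},
    {"api": "WriteProcessMemory", "args": {"target_pid": 4242}},
    {"api": "SetThreadContext", "args": {"target_pid": 4242}},
    {"api": "ResumeThread", "args": {"target_pid": 4242}},
]
# Debugger-like trace: SetThreadContext without the suspended-create/write prelude.
BENIGN_TRACE = [
    {"api": "RegEnumKeyExW", "args": {"key": UNINSTALL, "index": 0}},
    {"api": "LoadLibraryW", "args": {"path": "C:\\Windows\\System32\\version.dll"}},
    {"api": "SetThreadContext", "args": {"target_pid": 1234}},
]

if __name__ == "__main__":
    print(sorted(analyse(STEALER_TRACE)))  # ['loads_dropped_dll', 'process_hollowing', 'software_inventory', 'wallet_access']
    print(sorted(analyse(BENIGN_TRACE)))   # []
```

The chain check is deliberately order-sensitive and per-child-pid: a SetThreadContext against a process the sample did not create suspended, or one that follows no WriteProcessMemory, does not fire, which is what separates this from the bare API-name signature in the report.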