General
-
Target
298a433691049122d54b2e0b9dba6b8da6e992f0129565229f45c41c9881514d
-
Size
382.3MB
-
Sample
220930-v5gcasebh2
-
MD5
6bd50c2ee32d2f045293255218b61452
-
SHA1
7e7f5b03e4d5f693988667451b0c3000a3645b2a
-
SHA256
298a433691049122d54b2e0b9dba6b8da6e992f0129565229f45c41c9881514d
-
SHA512
ae31305edae93c695065aa0ccaf54678112e58415b1e5b8189125d7035627c0ceeda19c78e37c2002726348bd8df10fecee3016e2e5590d3440dcf402129ea99
-
SSDEEP
196608:mr+M/9knU7aRgfeqmshM0cbpsN6t0y7d+:mr+M/qU70gfZm8MDbpsN6tZ0
Behavioral task
behavioral1
Sample
298a433691049122d54b2e0b9dba6b8da6e992f0129565229f45c41c9881514d.exe
Resource
win7-20220812-en
Malware Config
Extracted
vidar
54.7
1281
https://t.me/blablblsdfd
-
profile_id
1281
Targets
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-