General
-
Target
Setup.exe
-
Size
339.9MB
-
Sample
221004-qft5msbad5
-
MD5
07f0df3179c1fcbfe869f722ecf7ac75
-
SHA1
8e02994751ff285b73f754bba905f8fb51d30a0d
-
SHA256
c13dcc3cc19c0fdc0a7dc0e808ad60e01f5d3621ba0ac275c1b77685029c051c
-
SHA512
f9fbc0bee6b072317e9694b2e3fae8097f91ee3974f3f3ea7cd2d74fe8aa0ade5d0ff8da3bb053714be48c10773d50b46f37b56abc7ca13724e77c87e2149a65
-
SSDEEP
98304:sV/ipmm1FVRngLCBx4bA1c80G8PsEju2EjWqnFG:P0SsCBMA1cdGqbuLy
Behavioral task
behavioral1
Sample
Setup.exe
Resource
win7-20220901-en
Malware Config
Extracted
vidar
54.8
1281
https://t.me/dsjdsnxshjx
-
profile_id
1281
Targets
-
Target
Setup.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-