General
- Target: 3d6f3c84b19b6fc731d00f7c9035fdc523ae455c823ba4e2cc57d0d635fce50b
- Size: 401KB
- Sample: 221005-wb1phsfaf4
- MD5: dc084f94c0badc5ee5a00affb3fe334d
- SHA1: d992c38c64d7e7007be14e64a986422e4cbcfb3d
- SHA256: 3d6f3c84b19b6fc731d00f7c9035fdc523ae455c823ba4e2cc57d0d635fce50b
- SHA512: 9f2447cde6d6febf1b8821ea044859a1f24e486618dd39c459c6003228f055720521dc60f641252ae272f0295e27a0ed393bbb79cda12ad614a57e6758c34089
- SSDEEP: 6144:1tiWA8L1AOIz7mfH6n//WZBj/LkZ+afxntlD/ogPtjQkjh6KQyCWCBI4wOFtNCj:1tiAKWfH6n/eZJkZVfxt53hQkjiWCPK

Static task
- static1

Malware Config
Extracted
- vidar
- 54.9
- 1680
- https://t.me/larsenup
- https://ioc.exchange/@zebra54
- profile_id: 1680

Targets
- Target: 3d6f3c84b19b6fc731d00f7c9035fdc523ae455c823ba4e2cc57d0d635fce50b
- Size: 401KB
- MD5: dc084f94c0badc5ee5a00affb3fe334d
- SHA1: d992c38c64d7e7007be14e64a986422e4cbcfb3d
- SHA256: 3d6f3c84b19b6fc731d00f7c9035fdc523ae455c823ba4e2cc57d0d635fce50b
- SHA512: 9f2447cde6d6febf1b8821ea044859a1f24e486618dd39c459c6003228f055720521dc60f641252ae272f0295e27a0ed393bbb79cda12ad614a57e6758c34089
- SSDEEP: 6144:1tiWA8L1AOIz7mfH6n//WZBj/LkZ+afxntlD/ogPtjQkjh6KQyCWCBI4wOFtNCj:1tiAKWfH6n/eZJkZVfxt53hQkjiWCPK
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.