General
-
Target
2d5d2dce7139ef4c2fe4547df8f55adf.exe
-
Size
5.0MB
-
Sample
221006-khkq4aggb4
-
MD5
2d5d2dce7139ef4c2fe4547df8f55adf
-
SHA1
bbafa5abc94e048c8a15a2e1a634a15d2fc0dabd
-
SHA256
1a7e5e2d33b3f74fbae9e13f0494dbf29f517572180666589674a328595c27d1
-
SHA512
67217b3a162b023e5dd3cf5c0105faffa00599f5b81006b59d7f1b199c5a2cc91b15ce6026a6e82fccf9ae5a5a9be59b987efab3714f2471ac00cb803deaf276
-
SSDEEP
98304:ABqDwDNCq+8BechdfgHB2gP9kVn0aWAxo7iL/6oPytYb4Bvueil82:AS4Cq7eh2gP9PAxwoPiB2h82
Behavioral task
behavioral1
Sample
2d5d2dce7139ef4c2fe4547df8f55adf.exe
Resource
win7-20220812-en
Malware Config
Extracted
vidar
54.7
1281
https://t.me/blablblsdfd
-
profile_id
1281
Targets
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-