General

Target: f16953dfb98fb54bde6e9410883839e228ee09aa0a09892ab56a5ddfc76e7a0e
Size: 332KB
Sample: 221024-rdgbfahbdn
MD5: e75ec445beb33e400201791a3fba433d
SHA1: a2c29449d05c2a26077e45dfcb45e37ef7c638a8
SHA256: f16953dfb98fb54bde6e9410883839e228ee09aa0a09892ab56a5ddfc76e7a0e
SHA512: 4efdb748bcaef9aa1ca5bc934d5797f692a7bbd974fc675318124a4bfce62e074fd32a3033a10057a5af5cc1b9d2c7d87de316c31bce0f5b7d61983f1f967134
SSDEEP: 6144:0vOVeLGesIxkyUJ/++5zPFj3D5HtFMLbv3:0vOw7sWi1+uzPFrD+f/

Static task: static1

Malware Config (extracted)

Family: vidar
Version: 55.2
profile_id: 937
URLs:
    https://t.me/slivetalks
    https://c.im/@xinibin420

Targets

Target: f16953dfb98fb54bde6e9410883839e228ee09aa0a09892ab56a5ddfc76e7a0e
Size: 332KB
MD5, SHA1, SHA256, SHA512 and SSDEEP: identical to the values listed under General above.

Signatures:
    Checks computer location settings
        Looks up the country code configured in the registry, likely a geofence.
    Loads dropped DLL
    Accesses cryptocurrency files/wallets, possible credential harvesting
    Checks installed software on the system
        Looks up Uninstall key entries in the registry to enumerate software on the system.