General
Target: bde9d4072df8de9f47127966f95d735edb25ef48f9a65c23e8aeaa45a76ea391
Size: 254KB
Sample: 221026-cl1ygseefl
MD5: 76f325656b6c72a28cceb40af36e7787
SHA1: ff19b08be4d3d20ed17dba6b8c088e4bab7e2472
SHA256: bde9d4072df8de9f47127966f95d735edb25ef48f9a65c23e8aeaa45a76ea391
SHA512: e51ad1d6f342c466ec5c403abec777ae9cf01576e589cab80dcfa68210b1f747d76caac2f120ce983b6cdcede89368308188f67fdb16a1f890dd0086347891e7
SSDEEP: 6144:eVchrL/MxI8+9s5MH8tMp17ryj+aAKuC:eVMzMxI8+l2Mp17IpuC
Static task
static1
Malware Config
Extracted
vidar
55.2
937
https://t.me/slivetalks
https://c.im/@xinibin420
-
profile_id
937
Targets
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.