General

Target: 1beb50ab8de7ec33aec7deb5365fbebce3a91bfe9cf31387a5bf326ace08d48b
Size: 331KB
Sample: 221026-hea2daehd6
MD5: 09551ab38f2e8cf814cf67f5d7a5f8e4
SHA1: 9f0df37c979517c5c73c62f082ab6ecf87045e17
SHA256: 1beb50ab8de7ec33aec7deb5365fbebce3a91bfe9cf31387a5bf326ace08d48b
SHA512: ee03f58b9a12e34735a0cf98ab4dd8cdc5f8006b657c6077aab457d6f7a585cd9bbe09309060d39764320122ecda85978dd8c4c5d6658f9089c4aeebab97614b
SSDEEP: 6144:Bnx6fMB7iRLpdZQI9LRdhA4Yz2APhwhlQGruTp10B:Bnx6f4703ZQIBRdhAsAPhwhjSTLc
Static task: static1

Malware Config (extracted)
Family: vidar
Version: 55.2
Botnet / profile ID: 937
C2: https://t.me/slivetalks
C2: https://c.im/@xinibin420
profile_id: 937

The two C2 entries are public Telegram and Mastodon profiles rather than the stealer's own servers: Vidar fetches the profile page and reads the real C2 address out of it. The profile URLs are therefore the stable indicators to watch for, while the resolved C2 can change without a new build.
Targets

Target: 1beb50ab8de7ec33aec7deb5365fbebce3a91bfe9cf31387a5bf326ace08d48b (331KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General above)

Signatures
Checks computer location settings
Looks up the country code configured in the registry, likely used as a geofence to decide whether the stealer runs on this machine at all.

Loads dropped DLL
Loads a DLL that the sample itself wrote to disk during execution.

Accesses cryptocurrency files/wallets, possible credential harvesting
Reads files belonging to cryptocurrency wallet applications, consistent with wallet and credential theft.

Checks installed software on the system
Enumerates the Uninstall key entries in the registry (the keys under ...\Microsoft\Windows\CurrentVersion\Uninstall) to list the software installed on the system.
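The indicators in the extracted config and the behaviour signatures above map directly onto telemetry checks a responder can run. The following is an added example, not part of the sandbox report or of any tool the report comes from: it takes the report's hashes and dead-drop URLs, plus registry key and wallet path patterns that are my assumptions (the report names the behaviours, not the exact keys or paths), and runs them over a few constructed key=value telemetry lines to flag which lines match which signature.

```python
"""Match the report's indicators and behaviour signatures against telemetry.

Added example, not code from the report or its sandbox. Hashes and dead-drop
URLs are copied from the report; registry key hints, wallet path hints and
the log lines are constructed assumptions for illustration.
"""
import hashlib
import re

# Indicators copied from the report (SHA512/ssdeep omitted: most telemetry
# carries MD5, SHA1 or SHA256).
REPORT_HASHES = {
    "md5": "09551ab38f2e8cf814cf67f5d7a5f8e4",
    "sha1": "9f0df37c979517c5c73c62f082ab6ecf87045e17",
    "sha256": "1beb50ab8de7ec33aec7deb5365fbebce3a91bfe9cf31387a5bf326ace08d48b",
}

# Dead-drop profiles from the extracted config: the sample fetches these public
# pages to learn its real C2, so a request to either is an indicator on its own.
DEAD_DROP_URLS = {u.lower() for u in ("https://t.me/slivetalks", "https://c.im/@xinibin420")}

# Assumed registry/file patterns behind the report's behaviour signatures
# (lower-cased substrings; the report does not name the exact keys or paths).
GEO_KEY_HINTS = ("\\control panel\\international", "\\control\\nls\\")
UNINSTALL_KEY_HINT = "\\microsoft\\windows\\currentversion\\uninstall"
WALLET_PATH_HINTS = ("\\electrum\\", "\\exodus\\", "\\ethereum\\keystore", "wallet.dat")

# One telemetry line is 'key=value key="value with spaces" ...' (constructed format).
TOKEN_RE = re.compile(r'(\w+)=("([^"]*)"|(\S+))')


def parse_event(line):
    """Parse a constructed key=value line into a dict with lower-cased keys."""
    fields = {}
    for m in TOKEN_RE.finditer(line):
        fields[m.group(1).lower()] = m.group(3) if m.group(3) is not None else m.group(4)
    return fields


def classify(event):
    """Return the names of the report signatures/indicators this event matches."""
    hits = []
    if any(event.get(algo, "").lower() == digest for algo, digest in REPORT_HASHES.items()):
        hits.append("sample_hash")
    if event.get("url", "").lower().rstrip("/") in DEAD_DROP_URLS:
        hits.append("dead_drop_resolver")
    key = event.get("key", "").lower()
    if key and any(hint in key for hint in GEO_KEY_HINTS):
        hits.append("geofence_locale_check")
    if key and UNINSTALL_KEY_HINT in key:
        hits.append("installed_software_enum")
    path = event.get("path", "").lower()
    if path and any(hint in path for hint in WALLET_PATH_HINTS):
        hits.append("wallet_access")
    return hits


def triage(lines):
    """Run every line through classify(); return {signature: [matching lines]}."""
    findings = {}
    for line in lines:
        for hit in classify(parse_event(line)):
            findings.setdefault(hit, []).append(line)
    return findings


def sample_matches_report(data):
    """True if the given bytes hash to any digest in the report.

    Use this to confirm a file pulled from a share or quarantine really is
    the sample the report describes before spending analysis time on it.
    """
    return any(getattr(hashlib, algo)(data).hexdigest() == digest
               for algo, digest in REPORT_HASHES.items())


# Constructed telemetry: six lines that should hit, two benign ones that should not.
SAMPLE_LOG = [
    'event=FileCreate proc=explorer.exe path="C:\\Users\\a\\Downloads\\setup.exe" '
    'sha256=1beb50ab8de7ec33aec7deb5365fbebce3a91bfe9cf31387a5bf326ace08d48b',
    'event=RegQuery proc=setup.exe key="HKCU\\Control Panel\\International" value=sCountry',
    'event=RegEnum proc=setup.exe key="HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall"',
    'event=FileRead proc=setup.exe path="C:\\Users\\a\\AppData\\Roaming\\Exodus\\exodus.wallet\\seed.seco"',
    'event=HttpGet proc=setup.exe url=https://t.me/slivetalks',
    'event=HttpGet proc=setup.exe url=https://c.im/@xinibin420',
    'event=RegQuery proc=teams.exe key="HKCU\\Software\\Microsoft\\Office" value=Version',
    'event=HttpGet proc=chrome.exe url=https://example.com/',
]

if __name__ == "__main__":
    for name, lines in sorted(triage(SAMPLE_LOG).items()):
        print(f"{name}: {len(lines)} line(s)")
        for line in lines:
            print("   ", line)
```

The dead-drop match is the cheapest signal to deploy: a proxy or DNS hit on those two profile URLs from a non-browser process is worth an alert regardless of whether the hash changes between builds. The registry and wallet patterns are noisier on their own; they are useful as a sequence (locale lookup, then Uninstall enumeration, then wallet reads from the same process) rather than as single-event alerts.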