General
- Target: 1eccbdefba2e01b0f5b470d3881f7dc3b3c488d42f5ddbb7c72474dd11a011cb
- Size: 538KB
- Sample: 221028-e266jseed6
- MD5: 4ee1469f7e23dab24cec9f5e33f4412a
- SHA1: 3e0e749ef2bb6c5cb02ae78d9493f17bffd9b734
- SHA256: 1eccbdefba2e01b0f5b470d3881f7dc3b3c488d42f5ddbb7c72474dd11a011cb
- SHA512: 9b51f6d33d471c48ae40400d14bc31fde949cc39d90c4a9e0b305a586ea84a1767972a66b10afd970eba4c73df50ba8d40b356581728dcf599429d86f5909e83
- SSDEEP: 12288:PNv1HWSpJ6N+ewwhCyxXjYEH3ndTRD7Mhc0ZdQtPqnAFu6:Px12c6UeKyF0E3zvwHPQwnAY
Static task: static1
Behavioral task: behavioral1
Sample: 1eccbdefba2e01b0f5b470d3881f7dc3b3c488d42f5ddbb7c72474dd11a011cb.exe
Resource: win7-20220901-en
Malware Config
Extracted
- vidar
- 55.2
- 1707
- https://t.me/slivetalks
- https://c.im/@xinibin420
- profile_id: 1707
Targets
- Target: 1eccbdefba2e01b0f5b470d3881f7dc3b3c488d42f5ddbb7c72474dd11a011cb
- Size: 538KB
- MD5: 4ee1469f7e23dab24cec9f5e33f4412a
- SHA1: 3e0e749ef2bb6c5cb02ae78d9493f17bffd9b734
- SHA256: 1eccbdefba2e01b0f5b470d3881f7dc3b3c488d42f5ddbb7c72474dd11a011cb
- SHA512: 9b51f6d33d471c48ae40400d14bc31fde949cc39d90c4a9e0b305a586ea84a1767972a66b10afd970eba4c73df50ba8d40b356581728dcf599429d86f5909e83
- SSDEEP: 12288:PNv1HWSpJ6N+ewwhCyxXjYEH3ndTRD7Mhc0ZdQtPqnAFu6:Px12c6UeKyF0E3zvwHPQwnAY
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
-