General
-
Target
c4ba9a8a6a09263b324980cd9fcb50fae2c49aa2ebc47cdcce2d8b9f1c08b8c6
-
Size
348KB
-
Sample
221028-k2v16sfegl
-
MD5
ee19a8acc6c6c1f3ae2d749682694e9a
-
SHA1
6ed9edee943c77413c52777bbf7a9311a972bec4
-
SHA256
c4ba9a8a6a09263b324980cd9fcb50fae2c49aa2ebc47cdcce2d8b9f1c08b8c6
-
SHA512
ae864b3771ced431468b8c03e1817b5a13fcdbf44854dff35eb19859bdbfef19150643eed649e74eb1dbaf41645dbb66304204c4293ef582fb357c20cd9ce85b
-
SSDEEP
6144:I9sH6LUn3szcdTjfu9oAZnXuaeqPOri5qPhAwcSJZ61yJ:I9sH6Y3sQdHW9BemqPJrJ
Static task
static1
Malware Config
Extracted
vidar
55.2
1707
https://t.me/slivetalks
https://c.im/@xinibin420
-
profile_id
1707
Targets
-
-
Target
c4ba9a8a6a09263b324980cd9fcb50fae2c49aa2ebc47cdcce2d8b9f1c08b8c6
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-