General
-
Target
file.exe
-
Size
349KB
-
Sample
221029-mqjj4sddck
-
MD5
05fa747612349b8a1cc5d73614203358
-
SHA1
d03b722da8d712fbea79d4a2dc42102523516453
-
SHA256
ae2e20a71116e5ac09e9f6add32482938da054e4d6d122499eaaca5fd566c3d1
-
SHA512
68147cff08325e634f89815eb98ff6055b3fbdf6da1c8ae6400303eaa8108b328e2482f137259f1fdb0b36c9d081f535d8fd4fb896cc69b025341fe9668b74a4
-
SSDEEP
6144:i1BiYLCCjjzjxFEyRnXlL15T/eQ6mDZstl:qBt2Cn/7rX5r6EZstl
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220812-en
Malware Config
Extracted
vidar
55.3
937
https://t.me/slivetalks
https://c.im/@xinibin420
-
profile_id
937
Targets
-
-
Target
file.exe
-
Size
349KB
-
MD5
05fa747612349b8a1cc5d73614203358
-
SHA1
d03b722da8d712fbea79d4a2dc42102523516453
-
SHA256
ae2e20a71116e5ac09e9f6add32482938da054e4d6d122499eaaca5fd566c3d1
-
SHA512
68147cff08325e634f89815eb98ff6055b3fbdf6da1c8ae6400303eaa8108b328e2482f137259f1fdb0b36c9d081f535d8fd4fb896cc69b025341fe9668b74a4
-
SSDEEP
6144:i1BiYLCCjjzjxFEyRnXlL15T/eQ6mDZstl:qBt2Cn/7rX5r6EZstl
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-