General
- Target: 838b8b5fc2cc64655d3e2930faf5f999.exe
- Size: 488KB
- Sample: 221030-eynj2abha9
- MD5: 838b8b5fc2cc64655d3e2930faf5f999
- SHA1: 60021758441f610962aa64c115c4b6e5af757382
- SHA256: 9463f28e07f665446e8702ec76aa02646f8efc1a9040a2201d6d256c77c8cd87
- SHA512: da7765fc5863948b8e57b8582525eb93edc4aa2cf1905e88615d72c56179c4f6f9ddee9a1a536ad52e5cabecb3b5243956131ba063a277629c9047278f1a5845
- SSDEEP: 12288:cZyxgC7ZXmsNoJrtRqOcjwh+T2qoLeqhfwGhj:cAz7/yrtbYwh+No55
Static task: static1
Behavioral task: behavioral1
- Sample: 838b8b5fc2cc64655d3e2930faf5f999.exe
- Resource: win7-20220812-en
Malware Config
Extracted
- Family: vidar
- 55.2
- 1707
- https://t.me/slivetalks
- https://c.im/@xinibin420
- profile_id: 1707
Targets
- Target: 838b8b5fc2cc64655d3e2930faf5f999.exe (size and hashes as listed under General above)
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext