General
Target: 91c990286a2a22d3ad69e7ca232ec9d5.exe
Size: 488KB
Sample: 221030-hcxglagghp
MD5: 91c990286a2a22d3ad69e7ca232ec9d5
SHA1: e59c0dea97e97fba10e2d181b71675be2674650d
SHA256: 6e8b8a1d654dfedfa6d56e2f43a049eb491370ff46e0668fe5cfd7489b4b125c
SHA512: 01494032ff25ef0c4ad91db9a98e3cc441aac0c912706b5b67a994a824c68b7707bee8b59c67e80e0c5d1b80192d93f852f52eb24e8c0e421f1d021530ce1fc5
SSDEEP: 6144:2N1loB6IG97sDqcnH+jp/RJHUwMAOdobaz7vQ3fRyXcGyHT0yhU1GCSjA1xkyWXb:kk6IG971b5MeeQ5QNyHU1SjkWlgCt
Static task: static1
Behavioral task: behavioral1
Sample: 91c990286a2a22d3ad69e7ca232ec9d5.exe
Resource: win7-20220812-en
Malware Config
Extracted
vidar
55.2
1707
https://t.me/slivetalks
https://c.im/@xinibin420
-
profile_id
1707
Targets
-
-
Target
91c990286a2a22d3ad69e7ca232ec9d5.exe
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-