General
Target: Setup.exe
Size: 7.2MB
Sample: 221106-mxtcwsgcd9
MD5: cca944b8e306af7f9d0ab0cff13bf3a7
SHA1: 8b1d8de5ccff3328afe1cf9784e81163bc89b3c5
SHA256: e45dbe7cb55c15faa395640121286cb2d61bb3655e9da26f9ea3d1d2f2c47880
SHA512: 9bdbdf3a60305bcb97fb786990a56c18faa0f29d220896b5f5a5e1ea32d4b91616f3b439e65835a1c2de2b388a51218a9f3442cec5cb266687a321bdc50185af
SSDEEP: 196608:DsAIJgne0xMOEkC14KqFaitT9AMeptlkYdi+dO2o:DAJgnpjEtqFlpAMMqYIM
Static task: static1
Behavioral task: behavioral1
Sample: Setup.exe
Resource: win7-20220901-en
Malware Config
Extracted: vidar
55.5
1707
https://t.me/tg_turgay
https://ioc.exchange/@xiteb15011
profile_id: 1707
Targets
Target: Setup.exe
Size: 7.2MB
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.