General
Target: file.exe
Size: 365KB
Sample: 221106-sfkx3sgdd8
MD5: 4f079611c829965b37599ab3eacf1d5b
SHA1: e811577cd81fb79ca1f4329c19e97205725d32c3
SHA256: 22a1d7e1b13a129f516a25f8f640cf744c1b37f1263bef3a1e02d99182e2dc25
SHA512: 8b0d475825aaa266e1ce079e6c678a2d3f52ac4f1937e6bb9c419ba631f032198ea4e99f0df19b517d26b86bc8ae3e775ec5451b834410cd5406f755e54fdf78
SSDEEP: 3072:FpWpzUiBWPd6A5LxF2J5XE1dd/1IGTKCVQLN7NdS7oT71I5xz0efVL6lfqEYGdQu:bZig4aL2J5X0d1TWN767EWb0e4kueT
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220901-en
Malware Config
Extracted: vidar
55.5
937
https://t.me/tg_turgay
https://ioc.exchange/@xiteb15011
profile_id: 937
Targets
Target: file.exe
Size: 365KB
Signatures
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.