General
-
Target
file.exe
-
Size
327KB
-
Sample
221107-r6ey3scce7
-
MD5
583f633192f85aaa50b9f7ed7b169b39
-
SHA1
a4cc6354ae632607535728b00d47359641fa445c
-
SHA256
02384bb954f75596ee2caa74b7a9b2be6d4c39ae191d864b50725bc8f5245a41
-
SHA512
309d81e72fbc8855fb6c90fdc2ce2cfb28d191e6300a8c2a98130eae8619da21eccd51dc40b33572af476beae835a9feb39de6a6e643283933ce7cb97e08e2b4
-
SSDEEP
6144:7GILUGfOnDhxin5Y3PV9eMPucDkKnwsT/uEnIhSx1H:7vQGfUa5YfKvFKwsTV3
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220812-en
Malware Config
Extracted
vidar
55.6
937
https://ioc.exchange/@xiteb15011
https://t.me/tg_turgay
-
profile_id
937
Targets
-
-
Target
file.exe
-
Size
327KB
-
MD5
583f633192f85aaa50b9f7ed7b169b39
-
SHA1
a4cc6354ae632607535728b00d47359641fa445c
-
SHA256
02384bb954f75596ee2caa74b7a9b2be6d4c39ae191d864b50725bc8f5245a41
-
SHA512
309d81e72fbc8855fb6c90fdc2ce2cfb28d191e6300a8c2a98130eae8619da21eccd51dc40b33572af476beae835a9feb39de6a6e643283933ce7cb97e08e2b4
-
SSDEEP
6144:7GILUGfOnDhxin5Y3PV9eMPucDkKnwsT/uEnIhSx1H:7vQGfUa5YfKvFKwsTV3
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-