General
Target: library_1.exe
Size: 625KB
Sample: 221111-g4b5ashgg2
MD5: d98931d0f091bb718be7823941c58ab7
SHA1: 0102adeffa936f66cf1bcbb34d1794270668a8ec
SHA256: 755e0cf8d26a723b697ab65a8bcd4a5d2131e0971a3ac959310167a0cae1e622
SHA512: b04ea7d29190059abd5473346718d0e1d63c4ae788e53b96123179981504987bea66646c9ffaf7aa2079fc52940880509ce58afdf5d2a676a90326919a234ec6
SSDEEP: 12288:K+HXuuiMofnO1V5+XdlA+Ff1frK/lGRgOUqmq9kR6lhKX6E5UsZLCjZn+Z3N:hHXubZ/O1Af1frK/cRgOnmq9g6XEm7Zu
Static task: static1
Behavioral task: behavioral1
Sample: library_1.exe
Resource: win7-20220812-en (analysis VM image)
Malware Config
Extracted
Family: vidar
Version: 55.5
Botnet: 1707
C2: https://t.me/tg_turgay
C2: https://ioc.exchange/@xiteb15011
Attributes: profile_id = 1707

The two URLs are a Telegram channel and a Mastodon (ioc.exchange) profile. Vidar reads the profile text at startup to recover the address of its real C2 server, so these are dead-drop resolvers rather than the C2 host itself: block and hunt on both the profile URLs and whatever address they resolved to at the time of analysis, and expect the resolved address to change while the profile URLs stay stable.
Targets
Target: library_1.exe (size and hashes as listed under General above)

Signatures
- Loads dropped DLL: the process loads a DLL that was written to disk during the run rather than one already present on the system.
- Accesses cryptocurrency files/wallets, possible credential harvesting: file reads under known wallet storage locations, the collection phase of a stealer.
- Suspicious use of SetThreadContext: this call is rarely needed by ordinary software and is the usual way injected code is given control in a suspended child (process hollowing); check the process tree for a child created suspended and written to before treating that child's later activity as benign.
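The three signatures above are behavioural: each is a pattern over the API calls the sandbox recorded, not a byte match. The script below, added here as an example and not the sandbox's own detection logic nor code from the sample, re-derives all three from a constructed API trace. The trace format (pid, API name and arguments separated by tabs, arguments split on "|", optional key=value pairs) and every path, pid and file name in it are assumptions made for the example; the wallet directory list is an illustrative subset, since the report does not say which paths this sample read.

```python
"""Added example: re-derive the three behavioural signatures from an API trace.

Illustrative code written for this page, not Triage's detection logic and not
code from the sample. The trace format (pid<TAB>api<TAB>args, args split on
'|', key=value pairs optional) and every path, pid and file name in TRACE are
constructed for the example.
"""
import re
from collections import defaultdict

CREATE_SUSPENDED = 0x00000004  # CreateProcess dwCreationFlags bit

# Illustrative subset of wallet storage directories that stealers read; the
# report does not say which paths this sample touched.
WALLET_PATH = re.compile(r"\\(Exodus|Electrum|Ethereum|Atomic|Coinomi)\\", re.I)

# Constructed trace: one process (pid 1001) drops and loads a DLL, reads two
# wallet files and one unrelated file, then hollows a suspended child (2002).
# A second process (3000) calls SetThreadContext with no prior suspended
# child, which should NOT fire the signature.
TRACE = (
    "1001\tCreateFileW\tC:\\Users\\u\\AppData\\Local\\Temp\\dropped.dll|write\n"
    "1001\tWriteFile\tC:\\Users\\u\\AppData\\Local\\Temp\\dropped.dll\n"
    "1001\tLoadLibraryW\tC:\\Users\\u\\AppData\\Local\\Temp\\dropped.dll\n"
    "1001\tLoadLibraryW\tC:\\Windows\\System32\\kernel32.dll\n"
    "1001\tCreateFileW\tC:\\Users\\u\\AppData\\Roaming\\Exodus\\exodus.wallet\\seed.seco|read\n"
    "1001\tCreateFileW\tC:\\Users\\u\\AppData\\Roaming\\Electrum\\wallets\\default_wallet|read\n"
    "1001\tCreateFileW\tC:\\Users\\u\\Documents\\notes.txt|read\n"
    "1001\tCreateProcessW\tC:\\Windows\\System32\\svchost.exe|flags=0x4|newpid=2002\n"
    "1001\tWriteProcessMemory\tpid=2002\n"
    "1001\tSetThreadContext\tpid=2002\n"
    "1001\tResumeThread\tpid=2002\n"
    "3000\tSetThreadContext\tpid=3001\n"
)

# Order in which the hollowing steps must follow CreateProcess(CREATE_SUSPENDED).
INJECT_STEPS = {"WriteProcessMemory": 1, "SetThreadContext": 2, "ResumeThread": 3}


def parse(trace_text):
    """Yield (pid, api, positional_args, keyword_args) for each trace line."""
    for line in trace_text.splitlines():
        if not line.strip():
            continue
        pid, api, args = line.split("\t", 2)
        pos, kv = [], {}
        for arg in args.split("|"):
            if "=" in arg:
                key, val = arg.split("=", 1)
                kv[key] = val
            else:
                pos.append(arg)
        yield int(pid), api, pos, kv


def scan(trace_text):
    """Return {signature name: [evidence, ...]} for the signatures that fired."""
    hits = defaultdict(list)
    written = defaultdict(set)   # pid -> lower-cased paths that process wrote
    stage = defaultdict(dict)    # parent pid -> {child pid: next expected step}

    for pid, api, pos, kv in parse(trace_text):
        path = pos[0] if pos else ""

        # Loads dropped DLL: LoadLibrary on a path this same process wrote earlier.
        if api == "WriteFile" or (api == "CreateFileW" and "write" in pos[1:]):
            written[pid].add(path.lower())
        elif api == "LoadLibraryW" and path.lower() in written[pid]:
            hits["Loads dropped DLL"].append(path)

        # Wallet access: any open of a file under a known wallet directory.
        if api == "CreateFileW" and WALLET_PATH.search(path):
            hits["Accesses cryptocurrency files/wallets"].append(path)

        # SetThreadContext is only flagged inside the full hollowing sequence:
        # CreateProcess(CREATE_SUSPENDED) -> WriteProcessMemory ->
        # SetThreadContext -> ResumeThread, all against the same child.
        if api == "CreateProcessW" and int(kv.get("flags", "0"), 16) & CREATE_SUSPENDED:
            stage[pid][int(kv["newpid"])] = 1
        elif api in INJECT_STEPS and "pid" in kv:
            child = int(kv["pid"])
            if stage[pid].get(child) == INJECT_STEPS[api]:
                stage[pid][child] += 1
                if api == "ResumeThread":
                    hits["Suspicious use of SetThreadContext"].append(
                        f"pid {pid} hollowed suspended child {child}")
    return dict(hits)


if __name__ == "__main__":
    for name, evidence in scan(TRACE).items():
        print(name)
        for item in evidence:
            print("   ", item)
```

Requiring the complete suspended-create, write, SetThreadContext, resume chain against one child is what keeps the injection signature from firing on the isolated SetThreadContext from pid 3000; debuggers and some runtimes legitimately call it, so a sandbox verdict built on the call alone would be noisy.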