General
-
Target
file.exe
-
Size
274KB
-
Sample
221117-kbvygsaa5v
-
MD5
e30236d2d090827b550afd90cef3a6ef
-
SHA1
7757d2ef82ffeedb1283d44db93cbbfe339c2547
-
SHA256
e49fd3959894df00e85dc1916b52d90b00dd1229118d463f28b634a8944d5070
-
SHA512
ee83e3fa1717a65a3da7dc25ba64bd6e75d05b89c097e487c1e44a9c7a8fbcb7d09095324ab5b4900d7a8e03d7407d87bf278ff644f520430894e6a11c37311c
-
SSDEEP
6144:lp1Pi/vzGo7EopHZLAz9RSHfrw/63C6RJEN1gO2:l6vCo7xLA4UPimN1gO
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Malware Config
Extracted
vidar
55.7
937
https://t.me/deadftx
https://www.ultimate-guitar.com/u/smbfupkuhrgc1
-
profile_id
937
Targets
-
-
Target
file.exe
-
Size
274KB
-
MD5
e30236d2d090827b550afd90cef3a6ef
-
SHA1
7757d2ef82ffeedb1283d44db93cbbfe339c2547
-
SHA256
e49fd3959894df00e85dc1916b52d90b00dd1229118d463f28b634a8944d5070
-
SHA512
ee83e3fa1717a65a3da7dc25ba64bd6e75d05b89c097e487c1e44a9c7a8fbcb7d09095324ab5b4900d7a8e03d7407d87bf278ff644f520430894e6a11c37311c
-
SSDEEP
6144:lp1Pi/vzGo7EopHZLAz9RSHfrw/63C6RJEN1gO2:l6vCo7xLA4UPimN1gO
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-