General
-
Target
file.exe
-
Size
297KB
-
Sample
221123-mbcs1sgh4y
-
MD5
5f855f6a65f0bea8015a479933b182be
-
SHA1
8ddf05bc2452ca32c2ac133f65e8dd6ea66a8827
-
SHA256
db701c4c2b8a1a5f336b3039ac0e643a8e5105941d413f7fbbe85f3764ee8278
-
SHA512
ada5a135f52304bef20966e460fa1efb79c2d4cd7c3ffaeae7fdbc1d7d7faf3f53dba843c36987b6ee78caa5c8ee494431e5f455dd47f2cf648897de8bb46705
-
SSDEEP
6144:BswXLN+7xBy/WtAXFLRuuMl7PCi9A56sHh7Lhu:BswX47xNtAXpRuuMlrCi9gG
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220901-en
Malware Config
Extracted
vidar
55.8
937
https://t.me/headshotsonly
https://steamcommunity.com/profiles/76561199436777531
-
profile_id
937
Targets
-
-
Target
file.exe
-
Size
297KB
-
MD5
5f855f6a65f0bea8015a479933b182be
-
SHA1
8ddf05bc2452ca32c2ac133f65e8dd6ea66a8827
-
SHA256
db701c4c2b8a1a5f336b3039ac0e643a8e5105941d413f7fbbe85f3764ee8278
-
SHA512
ada5a135f52304bef20966e460fa1efb79c2d4cd7c3ffaeae7fdbc1d7d7faf3f53dba843c36987b6ee78caa5c8ee494431e5f455dd47f2cf648897de8bb46705
-
SSDEEP
6144:BswXLN+7xBy/WtAXFLRuuMl7PCi9A56sHh7Lhu:BswX47xNtAXpRuuMlrCi9gG
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-