General
Target: Setup.rar
Size: 4.2MB
Sample: 221124-dlmxasgd5t
MD5: 1b3ec1ccab066de155bce7ad3cc72f7b
SHA1: e514a4add5b788854bf8fdb266f16cee2b6a9da7
SHA256: 63171dabed97ed86421a9ac441a9fd10ec5424be279e07c7d9639b2470c88f20
SHA512: ccfedadd87e3554db57d6f365176a7bbee87a3f35aa6b0a02120a898d33bb21548698809254937bd49816b1622ceabea190f24f542a1403c9aa00e43095ca1c7
SSDEEP: 49152:UPGzSXeWLLn0cPsyxDcDyv2NbefywwXYk3m/vfQT0HHMnnG+lVi+ucJJIdLBgllG:gGzcL70dySNbeiok3m/m9VrJ8LBgllGb
Static task
static1
Malware Config
Extracted
Family: vidar
Version: 55.8
profile_id: 1707
Resolver URL: https://t.me/headshotsonly
Resolver URL: https://steamcommunity.com/profiles/76561199436777531
Note: the two URLs are not the command-and-control server itself. Vidar uses the Telegram channel and the Steam profile as dead-drop resolvers: the profile text carries the real C2 address, which the operator can change without touching the sample. Block the URLs if you like, but the indicator worth hunting for is whatever address those pages were serving at the time of the run.
Targets

Target: Setup.exe (extracted from Setup.rar)
Size: 401.8MB
MD5: f5513bd3e4645115637ed30606a227b8
SHA1: 1ed3ca65a169433be8d243ddd5594f62f68bf9b5
SHA256: a582faf1a02f9216f14d1fe7230b46ad561790c7c4166110ee662d68d518aca3
SHA512: 052f1dab6094ac8445bae2a86c3f0cd406e36c59ac6a3016aebd7e5f44d753310a8a6c53c6a3b791e74a7b7d17ce2dd5244a17223edfa690f63a4b027e8ae0ea
SSDEEP: 98304:RO7TFBG5EAqirNsd5/G9h4djD/stK3as3uDZSbBbKBrEF63:+pBG5xNsXGv43+DPrEF63
Note: a 4.2MB archive that unpacks to a 401.8MB executable is a compression ratio of roughly 95:1. That ratio is what you get from a binary inflated with repetitive padding so that it exceeds the upload or scan size limits of AV engines and sandboxes. The report does not state this, so treat it as an inference and confirm it on the sample before relying on it.
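One quick way to confirm the padding inference above. This is an added example, not code from the report or from the sample: it does not parse the PE format, it only measures the trailing run of one byte value and the Shannon entropy of fixed-size chunks, which is enough to show whether a 401.8MB file is mostly filler. The sample bytes in CONSTRUCTED_SAMPLE are constructed for the demo.

```python
"""Estimate how much of a suspiciously large sample is filler.

Added example, not from the original report. Trailing single-byte padding
and long runs of near-zero-entropy chunks are what make a 400MB executable
shrink to a few MB inside an archive.
"""
import math
import sys
from collections import Counter


def shannon_entropy(chunk: bytes) -> float:
    """Bits per byte: 0.0 for a run of one value, 8.0 for uniformly random data."""
    if not chunk:
        return 0.0
    n = len(chunk)
    return -sum(c / n * math.log2(c / n) for c in Counter(chunk).values())


def trailing_run(data: bytes) -> tuple[int, int]:
    """Length of the run of identical bytes at the end of data, and that byte value."""
    if not data:
        return 0, -1
    last = data[-1]
    stripped = data.rstrip(bytes([last]))  # strips only the trailing run of `last`
    return len(data) - len(stripped), last


def padding_report(data: bytes, chunk_size: int = 4096) -> dict:
    """Summarise size, trailing padding and how many chunks are near-constant."""
    run, value = trailing_run(data)
    total = len(data)
    chunks = low_entropy = 0
    for off in range(0, total, chunk_size):
        chunks += 1
        if shannon_entropy(data[off:off + chunk_size]) < 1.0:
            low_entropy += 1
    return {
        "size": total,
        "trailing_run": run,
        "trailing_byte": value,
        "trailing_ratio": run / total if total else 0.0,
        "chunks": chunks,
        "low_entropy_chunks": low_entropy,
    }


# Constructed stand-in for a padded binary: a small mixed-content head
# followed by 8192 zero bytes. Not derived from the sample on this page.
CONSTRUCTED_SAMPLE = b"MZ" + bytes(range(256)) * 4 + b"\x00" * 8192


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            report = padding_report(fh.read())
    else:
        report = padding_report(CONSTRUCTED_SAMPLE)
    print(f"size={report['size']} trailing_run={report['trailing_run']} "
          f"(byte 0x{report['trailing_byte']:02x}, {report['trailing_ratio']:.1%}) "
          f"low-entropy chunks={report['low_entropy_chunks']}/{report['chunks']}")
```

Run it against the extracted Setup.exe; a trailing ratio in the high nineties of percent, or a low-entropy chunk count close to the total, means the 401.8MB is padding and the hashes of the real payload are whatever is left once you strip it. Note that padding inserted in the middle of the file (between sections, or in an overlay that is not at the very end) shows up only in the chunk counts, not in the trailing run.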
Behaviour indicators:
- Loads dropped DLL
- Accesses cryptocurrency files/wallets (possible credential harvesting)
- Checks installed software on the system: looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate installed products. On its own this is a weak signal, since legitimate installers and inventory agents read the same keys; it becomes meaningful in combination with the wallet-file access and dropped-DLL loads above.
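What the "Checks installed software" indicator actually collects, reproduced as an added example (not the sample's code, not from the report). The collection logic takes an injectable reader so it can be exercised off Windows with constructed data; on Windows, winreg_reader walks the real Uninstall keys. The product names in constructed_reader are made up for the demo.

```python
"""Enumerate installed software from the registry Uninstall keys.

Added example, not the sample's own code. Shows the host profile a stealer
builds from these keys: display name, version, publisher, and which view
(native or WOW6432Node) the entry came from.
"""
import sys
from typing import Callable, Iterable

UNINSTALL_PATHS = (
    r"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
)

# A reader yields (key_path, subkey_name, {value_name: data}) per Uninstall subkey.
Reader = Callable[[], Iterable[tuple[str, str, dict]]]


def winreg_reader() -> Iterable[tuple[str, str, dict]]:
    """Walk the real HKLM Uninstall keys (Windows only; HKCU has a per-user copy too)."""
    import winreg
    for path in UNINSTALL_PATHS:
        try:
            root = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, path)
        except OSError:
            continue  # WOW6432Node is absent on 32-bit Windows
        with root:
            index = 0
            while True:
                try:
                    name = winreg.EnumKey(root, index)
                except OSError:
                    break  # EnumKey raises once the index runs past the last subkey
                index += 1
                values = {}
                with winreg.OpenKey(root, name) as sub:
                    v = 0
                    while True:
                        try:
                            vname, data, _ = winreg.EnumValue(sub, v)
                        except OSError:
                            break
                        values[vname] = data
                        v += 1
                yield path, name, values


def collect_installed_software(reader: Reader = winreg_reader) -> list[dict]:
    """Return one record per visible product, deduplicated across the two views."""
    seen = set()
    products = []
    for path, subkey, values in reader():
        display_name = values.get("DisplayName")
        if not display_name or values.get("SystemComponent") == 1:
            continue  # hidden components and bare GUID keys carry no product name
        ident = (display_name, values.get("DisplayVersion", ""))
        if ident in seen:
            continue  # same product registered in both native and WOW6432Node views
        seen.add(ident)
        products.append({
            "name": display_name,
            "version": values.get("DisplayVersion", ""),
            "publisher": values.get("Publisher", ""),
            "wow64": "WOW6432Node" in path,
            "key": subkey,
        })
    return sorted(products, key=lambda p: p["name"].lower())


def constructed_reader() -> Iterable[tuple[str, str, dict]]:
    """Constructed stand-in for a real hive; the products are invented for the demo."""
    yield UNINSTALL_PATHS[0], "{GUID-1}", {"DisplayName": "Example VPN",
                                            "DisplayVersion": "2.1", "Publisher": "Example"}
    yield UNINSTALL_PATHS[0], "KB5000001", {"DisplayName": "Update", "SystemComponent": 1}
    yield UNINSTALL_PATHS[1], "Example VPN", {"DisplayName": "Example VPN", "DisplayVersion": "2.1"}
    yield UNINSTALL_PATHS[1], "{GUID-2}", {"UninstallString": "msiexec /x {GUID-2}"}
    yield UNINSTALL_PATHS[1], "Wallet", {"DisplayName": "Example Wallet", "DisplayVersion": "1.0"}


if __name__ == "__main__":
    reader = winreg_reader if sys.platform == "win32" else constructed_reader
    for product in collect_installed_software(reader):
        view = "wow64" if product["wow64"] else "native"
        print(f"{product['name']} {product['version']} ({product['publisher'] or '-'}) [{view}]")
```

Running this on a clean analysis VM shows exactly what the stealer learns from the registry read: the list of security products, wallets and browsers present, which is what the operator uses to decide what else to collect. Because the read is indistinguishable from an inventory agent, do not alert on it alone; alert on the combination of this read with access to wallet files by a process launched from an extracted archive.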