General
Target: 4d60a233f1f311af46a17f2ab375b5df78388d878108f0c9ef59fefe531f4829
Size: 556KB
Sample: 221203-g19amabe58
MD5: ac3ccd4f557380932a3007718a59ca96
SHA1: 7ef9bf9517e93e4dbca945855806fe5c7612fd5f
SHA256: 4d60a233f1f311af46a17f2ab375b5df78388d878108f0c9ef59fefe531f4829
SHA512: 3154849abfd4b6622659aa3763948bb7fbc952bae540451f428513a0259b649886bc0dc65c1281cd33af34797339231d9ff5ef160a3d9e1d189c2bba6c265dcd
SSDEEP: 12288:f9bBcNAHX3WTYGa5fWSBjbS4Vdz0n34yAD+4rua9fUjIdrWikNof:bcm3BNdBje4zz0noy+rua9fUj8W0
Static task: static1
Malware Config
Extracted: vidar
56
1881
https://t.me/asifrazatg
https://steamcommunity.com/profiles/76561199439929669
profile_id: 1881
Targets
Target: 4d60a233f1f311af46a17f2ab375b5df78388d878108f0c9ef59fefe531f4829
Signatures:
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext