General
Target: file.exe
Size: 623KB
Sample: 221203-qxyjdsed44
MD5: b222f2f0919a0ac896e3f83f3b9b6003
SHA1: 37670412f4b98641407944b86df43f40bc23a67f
SHA256: 292234b4e44187b5549566ead6297f05dc6b40310e4f1b1384ce190a79891117
SHA512: ac1ed8f225c1aabfb18ef2c773cc42dc0972391760ca0fa50ba58602bbfecb9c113eed0fcb5685d3719b4dd936bff2e21cf8da887ff83b78ccc1af4097244964
SSDEEP: 12288:FsJ5/WfL8JGhhC7OiTa8g5MdNXLSR6ESvzY:Fw+8JGOac909CY
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20221111-en
Malware Config
Extracted: vidar
56
1679
https://t.me/asifrazatg
https://steamcommunity.com/profiles/76561199439929669
profile_id: 1679
Targets
Target: file.exe
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext