General
Target: 0c615bf643adf8de5c843f709ead8a9e.exe
Size: 615KB
Sample: 221204-fxrezaaa92
MD5: 0c615bf643adf8de5c843f709ead8a9e
SHA1: 2890f1a178424574aaff0c9c50bdcec7bba7eec1
SHA256: 73a4ca1224bc4657443596157d3ce150bcd4b6dd32217f2467818c7efea4ee43
SHA512: cfe2bc672228793a7d04173fe366b91bb7ce492ba7db3bafe09334dc2cd0f11460d75ab3810f52ba2b5192cbd4e3d443267853101b54a18e423063bbae502b0f
SSDEEP: 12288:lr5URapBDnHf7BTvABrtt/S6TwmZd0z9wlNdqlDMj03hBcUlG:/Uw/tMB7/+idZDdqlY0RBcUM
Static task
static1
Behavioral task
behavioral1
Sample
0c615bf643adf8de5c843f709ead8a9e.exe
Resource
win7-20220812-en
Malware Config
Extracted
vidar
56
1364
https://t.me/asifrazatg
https://steamcommunity.com/profiles/76561199439929669
-
profile_id
1364
Targets
-
-
Target
0c615bf643adf8de5c843f709ead8a9e.exe
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-