General
Target: a2e1443efcc1458c18a04baa94a78511.exe
Size: 296KB
Sample: 221205-1tcgvsea7x
MD5: a2e1443efcc1458c18a04baa94a78511
SHA1: e27c11ac5a6f96560df8df7fd444ab1557d7bbd6
SHA256: e4529389a7894145aba4211365e6ed6c23e1ce582109cc9cb8b1272ada1b54b1
SHA512: aba5aeaf1bda31e40ef78cd2f4154739c8e7def494e5f4ca5c115d0953149cd4b20cd8672cabb00c756b6288a1165b60c72dca391f5c6134afc5ee53ce4360ab
SSDEEP: 6144:dMWAOA+Xg8kN7ws7b3A03ZyG2epQdYQJI+McpO:dM9+QTwOZyVepQdORK
Static task: static1
Behavioral task: behavioral1
Sample: a2e1443efcc1458c18a04baa94a78511.exe
Resource: win7-20221111-en
Malware Config
Extracted
vidar
1.3
14
https://t.me/samuelljax
https://steamcommunity.com/profiles/76561199439725733
profile_id: 14
Targets
Target: a2e1443efcc1458c18a04baa94a78511.exe
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.