General
-
Target
file.exe
-
Size
401KB
-
Sample
221205-b9t96sed76
-
MD5
37980aee9719695d908aa93cfe0b41a0
-
SHA1
643d6b8bb8a38187711b6fe8a16806debd274c68
-
SHA256
33b318b9a8752c39d56c842ee1d82dc01ee6f495ff7304f1ed81da18bacdcda0
-
SHA512
6b7add23631f303387de82357c9fa29ba4f7deec184b18e58123d172ae6afdefd19cf4d336c16ed4e5c561e55a2420b65d34ddae00c69ea555ef428f5cfd0261
-
SSDEEP
12288:soKWsoYjgf3zeEulPPACkqQrF+04Ns+Fb:soKWw6DtulzQrF+RmCb
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220812-en
Malware Config
Extracted
vidar
56
1148
https://t.me/asifrazatg
https://steamcommunity.com/profiles/76561199439929669
-
profile_id
1148
Targets
-
-
Target
file.exe
-
Size
401KB
-
MD5
37980aee9719695d908aa93cfe0b41a0
-
SHA1
643d6b8bb8a38187711b6fe8a16806debd274c68
-
SHA256
33b318b9a8752c39d56c842ee1d82dc01ee6f495ff7304f1ed81da18bacdcda0
-
SHA512
6b7add23631f303387de82357c9fa29ba4f7deec184b18e58123d172ae6afdefd19cf4d336c16ed4e5c561e55a2420b65d34ddae00c69ea555ef428f5cfd0261
-
SSDEEP
12288:soKWsoYjgf3zeEulPPACkqQrF+04Ns+Fb:soKWw6DtulzQrF+RmCb
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-