General
-
Target
d25682fcd8c3d61bee85eb504e6f2cfe.exe
-
Size
615KB
-
Sample
221206-rhvdvsec72
-
MD5
d25682fcd8c3d61bee85eb504e6f2cfe
-
SHA1
6311f73bddb89a436a4a441b05b49b781b47b53f
-
SHA256
9d922444b2e91da8a44dbfb03637dc2b35468bddba5871034e10dcea9ced6efa
-
SHA512
48da599c8783bdc11da9b6ce275ce26429815d31d9d3191e30d814c906c67c18325457b26987a1e2f17da1064f19aa4145986a2cbb49c82a7ff9d1cfe3414f6c
-
SSDEEP
12288:w8UEVeVaqaHBSeNiyiK7XVCtosfKxJF/6m:kaqwnNiyiK7FCtoQKx31
Static task
static1
Behavioral task
behavioral1
Sample
d25682fcd8c3d61bee85eb504e6f2cfe.exe
Resource
win7-20220901-en
Malware Config
Extracted
vidar
56
1364
https://t.me/asifrazatg
https://steamcommunity.com/profiles/76561199439929669
-
profile_id
1364
Targets
-
-
Target
d25682fcd8c3d61bee85eb504e6f2cfe.exe
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-