General
-
Target
Setup..exe
-
Size
468KB
-
Sample
221211-kpvvmsbd6v
-
MD5
99ba29aa0086b1b1ac838d206b49715c
-
SHA1
420bd23958b3c374da8267f7bf2675ccc8aa3de0
-
SHA256
816c4a2117b90dc75d91056ca32a36ffd32d561aa433ee3f97126ba490e6d60a
-
SHA512
efa8502876985ef4715dd443d338e6b934bbfef1f58a1e076b9d5c46734099bc31fdf685613d00b2825519934c3392d6aa73e91c631c2ea0436dd62d16e423a3
-
SSDEEP
6144:zKTXzxwYramrvPrrvpu4n8FdBQDUlQRyYePgWNsyMr6/eUMMXW+hD1biEMuoQGdF:zKyY+8ciO3oA/9/T1b2OGBoNt2
Static task
static1
Behavioral task
behavioral1
Sample
Setup..exe
Resource
win7-20221111-en
Malware Config
Extracted
vidar
56.1
909
https://t.me/dishasta
https://steamcommunity.com/profiles/76561199441933804
-
profile_id
909
Targets
-
-
Target
Setup..exe
-
Size
468KB
-
MD5
99ba29aa0086b1b1ac838d206b49715c
-
SHA1
420bd23958b3c374da8267f7bf2675ccc8aa3de0
-
SHA256
816c4a2117b90dc75d91056ca32a36ffd32d561aa433ee3f97126ba490e6d60a
-
SHA512
efa8502876985ef4715dd443d338e6b934bbfef1f58a1e076b9d5c46734099bc31fdf685613d00b2825519934c3392d6aa73e91c631c2ea0436dd62d16e423a3
-
SSDEEP
6144:zKTXzxwYramrvPrrvpu4n8FdBQDUlQRyYePgWNsyMr6/eUMMXW+hD1biEMuoQGdF:zKyY+8ciO3oA/9/T1b2OGBoNt2
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-