General
-
Target
6b367eccba03a498e3295d7b66d4bf5e9168100af8b598c1ba601df28e664427
-
Size
296KB
-
Sample
230103-maal9sba92
-
MD5
dd76285b5816465318cd761d0c2c05ba
-
SHA1
2f75a101c571ca6ae5140741585965c9bf9a5a5b
-
SHA256
6b367eccba03a498e3295d7b66d4bf5e9168100af8b598c1ba601df28e664427
-
SHA512
83222ab1d165b18b9e8200a4ce252dcf64bbb827d84096d193366e4c6a7c030aed8515e7508660fdf9e8e849cd6376b046cb0272bb7984422ac7f6565d3a72d3
-
SSDEEP
6144:17pOFlpDofcQdKU8CvGJlcWwoKHL4YvUoWt:1UpMKbgWw5HcY
Behavioral task
behavioral1
Sample
6b367eccba03a498e3295d7b66d4bf5e9168100af8b598c1ba601df28e664427.exe
Resource
win7-20221111-en
Malware Config
Extracted
vidar
1.8
19
https://t.me/year2023start
https://steamcommunity.com/profiles/76561199467421923
-
profile_id
19
Targets
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-