General
Target: 1f6a5ac3dec3a05afee3882030374e9842e8ac52d1bf65afae656af5d4674a8c
Size: 434KB
Sample: 230103-qe6gaabe25
MD5: ca334213065dce4115d8bf65159b8704
SHA1: 0f0fafbe20099778a15ee1660f169cf1b812dd1a
SHA256: 1f6a5ac3dec3a05afee3882030374e9842e8ac52d1bf65afae656af5d4674a8c
SHA512: 60b6063048ece4eded25f9f414591fe8822172f734806c055de26778cab97241b6e52fc221f839dac196193778bb3f09c0a24e216404f863fb22ac8a9720b688
SSDEEP: 6144:j8LcALaQvwXz/2v4W0U6sKpyqkBxj+jvcZgRTaeXgJBT4qjAWTM4xVvkHb+ew:j8dLhr3KMqYsUZ/XBMqXTMENi+
Static task: static1
Malware Config
Extracted
vidar
1.8
24
https://t.me/year2023start
https://steamcommunity.com/profiles/76561199467421923
profile_id: 24
Targets
Target: 1f6a5ac3dec3a05afee3882030374e9842e8ac52d1bf65afae656af5d4674a8c
Loads dropped DLL

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.