General
- Target: file.exe
- Size: 368KB
- Sample: 230105-tx3pwsce77
- MD5: 72a188543585bf92a5d27d7d96577930
- SHA1: 883a046e79a4329cc05f904b82e270b0e31b96e6
- SHA256: ce242ead59347522c60dfafc0b258a08449328691cf3742bc0a6fab5be9ba9d9
- SHA512: 260d76cf99ac63493e39b46e481d8783211fe15ddf1ca8689bcf80d60ce45fe870f81a33d5d64a8884ad5c9d3269cbe77faf721cb1f6381faf031949bc1610d6
- SSDEEP: 6144:Owz57pOFlpDofcQdKU8CvGJlcWwoKHL4YZUoWt6:Owz5UpMKbgWw5HcY
Behavioral task: behavioral1
- Sample: file.exe
- Resource: win7-20220812-en

Malware Config
Extracted: vidar
- 1.8
- 813
- https://t.me/year2023start
- https://steamcommunity.com/profiles/76561199467421923
- profile_id: 813
Targets
- Target: file.exe (368KB; same MD5, SHA1, SHA256, SHA512 and SSDEEP values as listed under General above)
  - Loads dropped DLL
  - Accesses cryptocurrency files/wallets, possible credential harvesting
  - Suspicious use of SetThreadContext