General

Target: b65affaee59395728a1448e548003ef5dda62b80baa4b115a433a72cb16a1ff1
Size: 384KB
Sample: 230105-vssvkacf58
MD5: fe3e76a8aa4b0279088f57e7fcd71121
SHA1: ea31fc235c4bad2f043f945451fd96453bfa8785
SHA256: b65affaee59395728a1448e548003ef5dda62b80baa4b115a433a72cb16a1ff1
SHA512: 38c885a25b27916d8ce1b4a86746bb2d110985d6bb4dce0fd1e7ac8d368ba6c4acd205b6b031644e79e0fddae97340d14eda18d958e55e79486e7a06f65d576a
SSDEEP: 6144:W7pOFlpDofcQdKU8CvGJlcWwoKHL4YZUoWt:WUpMKbgWw5HcY
Behavioral task

Task: behavioral1
Sample: b65affaee59395728a1448e548003ef5dda62b80baa4b115a433a72cb16a1ff1.exe
Resource: win7-20221111-en

Malware Config

Extracted
Family: vidar
Version: 1.8
Botnet: 813
C2: https://t.me/year2023start
C2: https://steamcommunity.com/profiles/76561199467421923
profile_id: 813

Both C2 URLs are dead-drop resolvers rather than the command server itself: Vidar fetches the Telegram channel page and the Steam profile page and parses the live C2 address out of their contents. The real C2 host is therefore not in the static config above; take it from the sandbox network capture, and expect it to change while these two URLs stay the same.
Targets

Target: b65affaee59395728a1448e548003ef5dda62b80baa4b115a433a72cb16a1ff1
Size: 384KB
MD5: fe3e76a8aa4b0279088f57e7fcd71121
SHA1: ea31fc235c4bad2f043f945451fd96453bfa8785
SHA256: b65affaee59395728a1448e548003ef5dda62b80baa4b115a433a72cb16a1ff1
SHA512: 38c885a25b27916d8ce1b4a86746bb2d110985d6bb4dce0fd1e7ac8d368ba6c4acd205b6b031644e79e0fddae97340d14eda18d958e55e79486e7a06f65d576a
SSDEEP: 6144:W7pOFlpDofcQdKU8CvGJlcWwoKHL4YZUoWt:WUpMKbgWw5HcY

Signatures

Loads dropped DLL

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
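The last signature is the kind of behaviour you can reproduce as a detection rule over a sandbox API trace. The following is an added example, not code from this report or from the sandbox vendor: it runs over a constructed JSON-lines trace (the field names pid, image, api, key and value are an assumed format for this example) and flags any process that walks several distinct subkeys under the HKLM/HKCU Uninstall keys, including the WOW6432Node variant, and reads the values a stealer uses to build a software inventory. A legitimate installer touching one subkey does not trip the threshold.

```python
import json
import re
from collections import defaultdict

# The registry locations that hold one subkey per installed program. A process
# that iterates these is enumerating installed software, which is what the
# report's "Checks installed software on the system" signature describes.
UNINSTALL_KEY_RE = re.compile(
    r"^HK(?:LM|CU|EY_LOCAL_MACHINE|EY_CURRENT_USER)\\SOFTWARE\\"
    r"(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall"
    r"(?:\\(?P<subkey>[^\\]+))?$",
    re.IGNORECASE,
)

# Values read to turn a subkey into a human-readable inventory entry.
INVENTORY_VALUES = {"displayname", "displayversion", "installlocation", "publisher"}

REGISTRY_APIS = {
    "RegOpenKeyExA", "RegOpenKeyExW", "RegEnumKeyExA", "RegEnumKeyExW",
    "RegQueryValueExA", "RegQueryValueExW", "NtOpenKey", "NtEnumerateKey",
    "NtQueryValueKey",
}

# Constructed trace for this example (assumed JSON-lines format, not the
# report's own data): one stealer-like process, one installer, one unrelated
# process, plus a non-registry event to show it is ignored.
SAMPLE_TRACE = r"""
{"pid": 1234, "image": "C:\\Users\\Admin\\AppData\\Local\\Temp\\sample.exe", "api": "RegOpenKeyExW", "key": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall"}
{"pid": 1234, "image": "C:\\Users\\Admin\\AppData\\Local\\Temp\\sample.exe", "api": "RegEnumKeyExW", "key": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{26A24AE4-039D-4CA4-87B4-2F83216030FF}"}
{"pid": 1234, "image": "C:\\Users\\Admin\\AppData\\Local\\Temp\\sample.exe", "api": "RegQueryValueExW", "key": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{26A24AE4-039D-4CA4-87B4-2F83216030FF}", "value": "DisplayName"}
{"pid": 1234, "image": "C:\\Users\\Admin\\AppData\\Local\\Temp\\sample.exe", "api": "RegQueryValueExW", "key": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{26A24AE4-039D-4CA4-87B4-2F83216030FF}", "value": "DisplayVersion"}
{"pid": 1234, "image": "C:\\Users\\Admin\\AppData\\Local\\Temp\\sample.exe", "api": "RegEnumKeyExW", "key": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Google Chrome"}
{"pid": 1234, "image": "C:\\Users\\Admin\\AppData\\Local\\Temp\\sample.exe", "api": "RegQueryValueExW", "key": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Google Chrome", "value": "DisplayName"}
{"pid": 1234, "image": "C:\\Users\\Admin\\AppData\\Local\\Temp\\sample.exe", "api": "RegEnumKeyExW", "key": "HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip"}
{"pid": 1234, "image": "C:\\Users\\Admin\\AppData\\Local\\Temp\\sample.exe", "api": "RegEnumKeyExW", "key": "HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Discord"}
{"pid": 1234, "image": "C:\\Users\\Admin\\AppData\\Local\\Temp\\sample.exe", "api": "CreateFileW", "path": "C:\\Users\\Admin\\AppData\\Roaming\\Exodus\\exodus.wallet"}
{"pid": 5678, "image": "C:\\Windows\\System32\\msiexec.exe", "api": "RegOpenKeyExW", "key": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{26A24AE4-039D-4CA4-87B4-2F83216030FF}"}
{"pid": 9999, "image": "C:\\Windows\\explorer.exe", "api": "RegOpenKeyExW", "key": "HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"}
"""


def parse_trace(text):
    """Parse JSON-lines trace text into a list of event dicts, skipping blanks."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def detect_software_enumeration(trace_text, min_subkeys=3):
    """Return {pid: summary} for processes that enumerate Uninstall subkeys.

    A process is flagged once it has touched at least `min_subkeys` distinct
    subkeys under any of the Uninstall locations; one-off access by an
    installer stays below the threshold.
    """
    per_pid = defaultdict(lambda: {"image": None, "subkeys": set(), "values": set()})
    for ev in parse_trace(trace_text):
        if ev.get("api") not in REGISTRY_APIS:
            continue
        match = UNINSTALL_KEY_RE.match(ev.get("key", ""))
        if not match:
            continue
        rec = per_pid[ev["pid"]]
        rec["image"] = ev.get("image")
        if match.group("subkey"):
            rec["subkeys"].add(match.group("subkey"))
        value = ev.get("value")
        if value and value.lower() in INVENTORY_VALUES:
            rec["values"].add(value)

    hits = {}
    for pid, rec in per_pid.items():
        if len(rec["subkeys"]) >= min_subkeys:
            hits[pid] = {
                "image": rec["image"],
                "subkeys_enumerated": len(rec["subkeys"]),
                "inventory_values_read": sorted(rec["values"], key=str.lower),
            }
    return hits


if __name__ == "__main__":
    print(json.dumps(detect_software_enumeration(SAMPLE_TRACE), indent=2))
```

On the constructed trace only pid 1234 is reported (four distinct subkeys across HKLM, WOW6432Node and HKCU, with DisplayName and DisplayVersion read); msiexec.exe opens a single subkey and is ignored unless the threshold is lowered to 1. Whatever threshold you pick, key the rule on distinct subkeys rather than raw call count, since a single RegQueryValueExW loop over one entry produces many events without being an inventory sweep.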