General
Target: f238e25918cf362cf59324a5686b529f30199d4b9f634c192ba5a2f579b613b0
Size: 416KB
Sample: 230112-e98z4sba6x
MD5: b0326998af1e507209af66e5df656d2c
SHA1: 654b9bd21e677d749acb44179897cc9fdb16a805
SHA256: f238e25918cf362cf59324a5686b529f30199d4b9f634c192ba5a2f579b613b0
SHA512: 1d2e0ee2c2a9f25666e3f2d6d205dbadf11ab34b2b7f7186867c1e2006bf1e4446355716b64c6dcc5170bf2a798c2a9a0484f8f3fe0e4e6ada15863747f44af3
SSDEEP: 6144:zNdMPQG00A75CdlW+avYKsTfn1j72cwveKO6W3Ig:zYPQD0O5CLWJgDh723v46W

Static task
static1

Malware Config
Extracted
- vidar
- 2
- 24
- https://t.me/tgdatapacks
- https://steamcommunity.com/profiles/76561199469677637
- profile_id: 24
Targets
Target: f238e25918cf362cf59324a5686b529f30199d4b9f634c192ba5a2f579b613b0 (same file as listed under General)
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.