General
Target: 67d623696828f77a0c7b9c81960709579c7b95f4c26d569b420ab05bbdf0049d.bin
Size: 528KB
Sample: 230125-nbp9safg89
MD5: 9105e24109392b36a6551e7fcd752973
SHA1: 56bc844aa457de6b450cf08c427d534e7331572f
SHA256: 67d623696828f77a0c7b9c81960709579c7b95f4c26d569b420ab05bbdf0049d
SHA512: cd1682f425b1529d2ac95ace0f2bc13dc89e828f28d4c2b4d0599332c8c25648e3d700156a68cc197e222fc4d717b713826f4a36d1346bbf6c2d35e188c8890f
SSDEEP: 12288:0TvwH50cBHpdEfEOYeGB5L+8wpMTB6xW1ZJ8/FcHxSn:ZyIHy8eGfL+zwfG/FwO
Static task: static1
Behavioral task: behavioral1
Sample: 67d623696828f77a0c7b9c81960709579c7b95f4c26d569b420ab05bbdf0049d.exe
Resource: win7-20220901-en
Malware Config
Extracted
vidar
1.9
821
https://t.me/travelticketshop
https://steamcommunity.com/profiles/76561199469016299
profile_id: 821
Targets
Target: 67d623696828f77a0c7b9c81960709579c7b95f4c26d569b420ab05bbdf0049d.bin
Uses the VBS compiler for execution
Suspicious use of SetThreadContext