General
Target: build.exe
Size: 457KB
Sample: 230129-ts9yeaeh4v
MD5: af635f9cdc7fd597efb7d9d3c66f6149
SHA1: 848b13affeef2432c354ec09e6d92bd5b3eaa902
SHA256: d03368ee0a48405588951849dcc327040617e3195ba1fbb177baaa52f8566003
SHA512: b6980b0aa70163e517c2049fefecc7bdf2efe55502098a6d37ac4c8e2c05937fab12d76b66f6f3c5d56a10599a2861a62e41432a3c217f37e4c8f74e2ab44d24
SSDEEP: 12288:dxvmnJmVcrzn7/z9RSu8CQ/S1/HLxS3LiD8GA:DOAen77pme/HLxSbigF
Behavioral task: behavioral1, Sample: build.exe, Resource: win10-20220901-es
Behavioral task: behavioral2, Sample: build.exe, Resource: win7-20220812-es
Behavioral task: behavioral3, Sample: build.exe, Resource: win10v2004-20220812-es
Behavioral task: behavioral4, Sample: out.exe, Resource: win10-20220901-es
Behavioral task: behavioral5, Sample: out.exe, Resource: win7-20220812-es
Behavioral task: behavioral6, Sample: out.exe, Resource: win10v2004-20221111-es
Malware Config
Extracted
vidar
34.7
399
http://reliabledc.com/
profile_id: 399
Targets
Target: build.exe
Vidar Stealer
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Target: out.upx
Size: 889KB
MD5: 65c0cb29de2242f1291bed56c8c5cff0
SHA1: 3ba1d244e986f95eaf2c2a9b19fd6e00581dcbc6
SHA256: c88a384b4ec9582d9b844e446b2ff5993f3459e3426b0bef9a2fbcc4e5c56a8f
SHA512: 3444d480454603a8b3a98dd8d0603a042c27f022d42e047a2934e8235b7bd858ca6b20c4221959748a5f44904c5df5ac2c9011e868366b5ec509ae0f55e69585
SSDEEP: 12288:4BI5w41fURofJH4XHX++xfmEeT6i+nCK:46z18OiO+hm36D
Score: 3/10