General
Target: AdobePremiere2022.exe
Size: 761.7MB
Sample: 230202-ssl1xabf86
MD5: 7dbbd9cb789eef6634df521458707a8e
SHA1: 8b145b3a1b8fa985c5951b05a4ea23282e462d6e
SHA256: 2ddfeb81cc6f577c6a572d95a9c901f5267df76f102de15570d29766cfe0e469
SHA512: 700e0455c0cd79aebd110348706f81c19b43c16c8813009a484e108d99c5f9b2cb94bce93a9c3e73848951eeb39619bd306c24f4ac03f960dee80749e7af1dc3
SSDEEP: 98304:I2Gp2qVeoJAYyFClDOSAJBZO+os/ATYCVN/4AINYYh3yQdSo:wlrJAY55OnT6sNC/45Nxzd/
Static task: static1
Behavioral task: behavioral1
Sample: AdobePremiere2022.exe
Resource: win7-20221111-en
Malware Config
Extracted family: vidar
Version: 2.3
profile_id: 408
C2:
https://t.me/mantarlars
https://steamcommunity.com/profiles/76561199474840123
Targets
Target: AdobePremiere2022.exe
Signatures:
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext