General
Target: Smaller.exe
Size: 3.8MB
Sample: 230202-v7jv7saa5w
MD5: 494e03d339c4b84f71f0c122de940860
SHA1: 85152244f96b8a76ece7a26ba1db4eded3715b80
SHA256: 6511d09ada2bc11a95c06bd20abb66f450b9b2a6ed1f00c723401884ce7a2e61
SHA512: 5acc6fad0a576e16cb23d3058e9e186ee8bac9957c22bb6ba0c71214261596b627506a7f07f8d29b53d605762e45bed36cf48123f94d4a510f98cc1b1bf85c61
SSDEEP: 98304:aVZ0gaAV265MWQT+VagEfsjjTNKBxeY19ICtHm:C3h2ChRogXjXNKBxemtHm
Static task: static1
Behavioral task: behavioral1
Sample: Smaller.exe
Resource: win7-20220812-en
Malware Config
Extracted
vidar
2.2
408
https://t.me/litlebey
https://steamcommunity.com/profiles/76561199472399815
profile_id: 408
Targets
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext