General
- Target: 996a9afca7ebed4ce1ac3f22f2f8da51.bin
- Size: 310KB
- Sample: 230203-kkn7asgf7y
- MD5: 80e6217562b392be9aa766ea31ac721d
- SHA1: 0d19e24804e4ca449ca376cba472462cd4564d02
- SHA256: f35ffca0f66c39d0298c621de2d2271df9dfcf40bcf7e161f4057c412b94d3f8
- SHA512: 8e7beb1c5af191ed801b7ae5b3ca66acafaf137997f9f057fb1afd0da2d07024a7c73a44607a3d018d194cff67f24b7d54f1cd9768e4e5e8a263e909c1b90a71
- SSDEEP: 6144:Yyr4vzxcT+oPKiUu61uB++q6hbHFuL4wo4EjoSjz6IM:Yyco+oPzrYcb7wo4BSyIM
Static task
static1
Behavioral task
behavioral1
Sample
a594a97b66c29d9128d7757f71650c91575f1f32033f4cc56b49e8f5e1d4cecf.exe
Resource
win7-20220812-en
Malware Config
Extracted
vidar
2.3
813
https://t.me/mantarlars
https://steamcommunity.com/profiles/76561199474840123
-
profile_id
813
Targets
- Target: a594a97b66c29d9128d7757f71650c91575f1f32033f4cc56b49e8f5e1d4cecf.exe
- Size: 416KB
- MD5: 996a9afca7ebed4ce1ac3f22f2f8da51
- SHA1: bebfc60a7b1fa8e493a458d15331907233f0e928
- SHA256: a594a97b66c29d9128d7757f71650c91575f1f32033f4cc56b49e8f5e1d4cecf
- SHA512: e50ab67d9d87f0dc801553116c2fb09320d8aa7f5041abcc79260c1de956de2c711d868b1561081beec32e0f23523226de0dff8e9df83fff11ec64006984d7f1
- SSDEEP: 6144:rkgYDLQMDGDJyzP+Bpitd5QHiIuTWuej7bwtRaamqMoI/wr8Mu:9QcLDJwyWGCIuTPGbzqME
- Deletes itself
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.