General
- Target: Valorant.rar
- Size: 10.1MB
- Sample: 230203-rg6eqsff48
- MD5: f2bd4f3a3ee27669862640f715187ba5
- SHA1: 6b6afb2d02ac8f85982bf2e41a2a889f6ae138a8
- SHA256: 2059081ffb62478d0bd2481b71a2f1dc34f8cdc6d3ba011c638af4a09e0a846d
- SHA512: 46e43fbfb6483008c2e8e3b88c98efd7a2acaf525e2c34bd5e07aa485bc4ba7dd19f02f6fc5082774d6665cc5828a95960a8392ea9c04187e2756d41fb30cab1
- SSDEEP: 196608:/k7Kt6WIjI5F1UUf/JVNrI7mgK5PNQq7u+gXR2MykL6lv1VP7:/k7nBEFeUX9r/V1NfucXVrVj
Static task: static1
Behavioral task: behavioral1
Sample: Valorant.exe
Resource: win7-20221111-en
Malware Config
Extracted
vidar
2.3
408
https://t.me/mantarlars
https://steamcommunity.com/profiles/76561199474840123
- profile_id: 408
Targets
- Target: Valorant.exe
- Size: 761.7MB
- MD5: 7dbbd9cb789eef6634df521458707a8e
- SHA1: 8b145b3a1b8fa985c5951b05a4ea23282e462d6e
- SHA256: 2ddfeb81cc6f577c6a572d95a9c901f5267df76f102de15570d29766cfe0e469
- SHA512: 700e0455c0cd79aebd110348706f81c19b43c16c8813009a484e108d99c5f9b2cb94bce93a9c3e73848951eeb39619bd306c24f4ac03f960dee80749e7af1dc3
- SSDEEP: 98304:I2Gp2qVeoJAYyFClDOSAJBZO+os/ATYCVN/4AINYYh3yQdSo:wlrJAY55OnT6sNC/45Nxzd/
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext