General
- Target: Filmora2023.exe
- Size: 761.7MB
- Sample: 230205-c7sh8sbc4v
- MD5: e9b86872f7ccb57f84737364128b7cc9
- SHA1: cc4edb90af92ae6b3e3122e6c3f35ed8f2b6d895
- SHA256: 3a87f4c5773d261302d59628ecd88ef4de554c5d8ff90bdc0876c2d780779ddf
- SHA512: 863e31eed9e359b89d121d5730a1350c37c757d1e3ae3f1fdfcc2d67a56eb6c5a19610a6234025530376f22c2a5c4f7d8bb329f276f95f753a2c15a46379e393
- SSDEEP: 12288:Dudb7OgMxQ0Q2hxPSmIcqMvqYUtirJuD1mK3h1fNQ:S9n70Q2hZSmIcq6qjTb3/NQ
Tasks
- Static task: static1
- Behavioral task: behavioral1 (sample: Filmora2023.exe; resource: win7-20221111-en)
Malware Config
Extracted
- Family: vidar
- Version: 2.3
- Botnet: 408
- C2:
  - https://t.me/mantarlars
  - https://steamcommunity.com/profiles/76561199474840123
- Attributes:
  - profile_id: 408
Targets
- Target: Filmora2023.exe (size, hashes and SSDEEP identical to the General section above)
- Signatures:
  - Downloads MZ/PE file
  - Executes dropped EXE
  - Loads dropped DLL
  - Accesses cryptocurrency files/wallets, possible credential harvesting
  - Suspicious use of SetThreadContext