General

Target: DirectX Setup.exe
Size: 761.7MB
Sample: 230210-sh76dsfb27
MD5: 1b7356b8241e9ade1be8625980f43b90
SHA1: 76c67ae1ca0a2f5c4bcd36663f85a0114a419217
SHA256: 281e151f52f90a34a9baeee9c0e39a91bbe2f3b26517a8d15add3c6cac95f2ac
SHA512: 8810c81c00971952324104a8ca2932f82357f1d123df863e489bbbd77047b61f8f035bba63f6a66137252b83c79b48fda6a3d22765317fef198fa4a84905a072
SSDEEP: 12288:d8fOB/ocZiIY9RKsnlYqLbvv5z2BywLKW7XID2PI:lB/ocZiIFqLb38VLKk66I
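Two checks a practitioner usually wants against a report like this: whether a file in hand matches the listed digests, and whether its size is inflated. A 761.7MB "DirectX Setup.exe" that ssdeep fuzzy-hashes at a 12288-byte block size is consistent with a small binary padded with long runs of constant bytes (ssdeep only falls back to such a small block size when most of the file contributes no rolling-hash trigger points), a common trick for staying above sandbox and AV upload limits. The script below is an added example, not part of the report or of any sandbox tooling; the digest values are copied from the report, and the sample file it creates for demonstration is synthetic.

```python
"""Verify a local file against the digests in this report and flag
size inflation by a trailing constant-byte run.

Added example, not part of the sandbox report. The digest values are the
report's; the file written by constructed_sample_path() is synthetic.
"""
import hashlib
import os
import sys
import tempfile

# Digests for DirectX Setup.exe as listed in the report.
REPORT_IOCS = {
    "md5": "1b7356b8241e9ade1be8625980f43b90",
    "sha1": "76c67ae1ca0a2f5c4bcd36663f85a0114a419217",
    "sha256": "281e151f52f90a34a9baeee9c0e39a91bbe2f3b26517a8d15add3c6cac95f2ac",
    "sha512": (
        "8810c81c00971952324104a8ca2932f82357f1d123df863e489bbbd77047b61f"
        "8f035bba63f6a66137252b83c79b48fda6a3d22765317fef198fa4a84905a072"
    ),
}

CHUNK = 1 << 20  # read 1 MiB at a time so a multi-hundred-MB file fits in memory


def digest_file(path):
    """Return {name: hexdigest} for every algorithm in REPORT_IOCS, in one pass."""
    hashers = {name: hashlib.new(name) for name in REPORT_IOCS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(CHUNK), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_report(digests, iocs=REPORT_IOCS):
    """Return the names of the digests that equal the report's values."""
    return {name for name, value in digests.items() if iocs.get(name) == value}


def trailing_padding(path, block=CHUNK):
    """Return (byte_value, run_length) for the run of identical bytes that
    ends the file, scanning backwards block by block."""
    size = os.path.getsize(path)
    if size == 0:
        return None, 0
    with open(path, "rb") as fh:
        fh.seek(size - 1)
        last = fh.read(1)
        run, pos = 0, size
        while pos > 0:
            step = min(block, pos)
            pos -= step
            fh.seek(pos)
            data = fh.read(step)
            kept = data.rstrip(last)
            run += len(data) - len(kept)
            if kept:  # reached a byte that differs: the run is over
                break
    return last[0], run


def padding_ratio(path):
    """Fraction of the file made up of the trailing constant-byte run."""
    size = os.path.getsize(path)
    return trailing_padding(path)[1] / size if size else 0.0


def constructed_sample_path():
    """Write a synthetic 'padded binary' (a short header followed by 10000
    zero bytes) to a temp file and return its path. Constructed test data only."""
    header = b"MZ" + bytes(range(256)) * 4
    fd, path = tempfile.mkstemp(suffix=".bin")
    with os.fdopen(fd, "wb") as fh:
        fh.write(header + b"\x00" * 10000)
    return path


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else constructed_sample_path()
    hits = match_report(digest_file(target))
    byte, run = trailing_padding(target)
    print(f"{target}: {os.path.getsize(target)} bytes")
    print("report IOC matches:", sorted(hits) or "none")
    if run:
        print(f"trailing run: {run} x 0x{byte:02x} ({padding_ratio(target):.1%} of file)")
    else:
        print("no trailing constant-byte run")
```

Run it as `python check.py "DirectX Setup.exe"`; with no argument it checks the synthetic file. A high padding ratio is only a hint: strip the run and re-hash before searching other sources, since the published digests cover the padded file as submitted, not the underlying binary.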
Tasks

Static task: static1
Behavioral task: behavioral1
Sample: DirectX Setup.exe
Resource: win7-20220901-en
Malware Config

Extracted
Family: vidar
Version: 2.4
408
profile_id: 408
Targets

Target: DirectX Setup.exe (761.7MB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)

Signatures:
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext (redirecting a suspended thread's entry point is the step commonly seen in process hollowing and other injection techniques)