General
- Target: Setup.exe
- Size: 455KB
- Sample: 230216-vc1kgaaf67
- MD5: 46ced715071c8e998a019ec544790ed1
- SHA1: 0f67f728da0c67ec820d378e589675db03e948df
- SHA256: e282e8a40a9f9c66e32ff63aa62ea236f642110e79047a3c3d00428df09536a6
- SHA512: 26e5988211adb4d8d6899f9545f2b7a25b5e34fdfe775d713087f041392b3fc40eef07ae6deb13e4fc4b68fd9d40d7f03a83516eb44568ff57076fa5d6415385
- SSDEEP: 12288:OyAELcw3oMjkYvQUbsO15e82fZPMfq3tzWdvoZL9RfMBy:OC15iEidzWRoZ30By

Static task
- static1

Behavioral task
- behavioral1
  - Sample: Setup.exe
  - Resource: win7-20220812-en

Malware Config
- Extracted: vidar
  - 2.5
  - 408
  - profile_id: 408
Targets
- Target: Setup.exe
  - Size: 455KB
  - Loads dropped DLL
  - Accesses cryptocurrency files/wallets, possible credential harvesting
  - Suspicious use of SetThreadContext