General
Target: AdobeIllustrator2023.rar
Size: 6.8MB
Sample: 230218-xdklrace2t
MD5: d8e4b0d3b4113cf340ae2c944a556dd3
SHA1: 32c6f664fd993be0d1286ef0929e9dc929e6e585
SHA256: d0acf62bc8114d8306fa0f8fa38cf8ebce28abb99b447a434520da801a97b5e8
SHA512: 0fb4df0db32e1c1ed8a6abd88c203991e97f5023ed518a83c770660f4182b398a18a90a99eb99171787047cd2f983b94d0d7837d0b45a8a26bdef82efd115611
SSDEEP: 196608:zaayWJXuLc+7Yg5dmkHp9vNBij1rjeHUkn51UnxIiMCnX:zHjiclgdnBSrje0k51UxzdnX

Static task: static1
Behavioral task: behavioral1
Sample: AdobeIllustrator2023.exe
Resource: win7-20220812-en

Malware Config
Extracted: vidar
2.5
408
profile_id: 408

Targets
Target: AdobeIllustrator2023.exe
Size: 761.7MB
MD5: 127504100dc5cc5d31567b432545a094
SHA1: c5de6d70709521b64d2bfdc02ea3283d75ae35d2
SHA256: 57fa5d7d958b31479f78214a37ee220bf4bd0cc6a784c653d9b9665d17815612
SHA512: 371751fd419b40603d5f4d6f4767933a59f428891c0e62a315ab5881883b3ba555b26246b8015b0fe5010e943b7ab0324d12e4cf8056a7e35646fecc5507e414
SSDEEP: 12288:8mkPutHPPqXfiFYANYgsmybPf9sFK7Gsf6FAxBoBD4:PkPuFPPqXfirNYgsmybSw7Gsywf

- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext