General
-
Target
b4a57b62569ee1ccb1c2dae148488dc9e37d738f0fed4f0a6e144caeb910f546_payload.bin
-
Size
1.6MB
-
Sample
230220-mw1qksaf92
-
MD5
8253786095516f65bb5d94e994e0dd8d
-
SHA1
e1c41a79363b3a9c0e5309ff7db0b57690c42b95
-
SHA256
a0011af87d955b5f102024112e88d51bd0a43673245fb98bd546294b79c65448
-
SHA512
d1a601e30e72a2f22d4e1ce6bffce2b5cb0f9c7baf151903592055c11bff7e1c01bf41aeeb7ae59fae0eef5396994af711af120fc532a8ea208c7b792cac850b
-
SSDEEP
12288:dfGN/p5hM4+kLcU0Sx24cAa4cb6ZnuudoNssAlheGWEGfd/Y6zUCbV4JZmlnoU:Jq/ZM4+TnqvnWttYqUgegoU
Static task
static1
Behavioral task
behavioral1
Sample
b4a57b62569ee1ccb1c2dae148488dc9e37d738f0fed4f0a6e144caeb910f546_payload.exe
Resource
win7-20221111-en
Malware Config
Extracted
vidar
2.4
903
-
profile_id
903
Targets
-
-
Target
b4a57b62569ee1ccb1c2dae148488dc9e37d738f0fed4f0a6e144caeb910f546_payload.bin
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-