General

Target: a6e7e60bc72241461ab5d878958cfd79
Size: 604KB
Sample: 231219-1ewl7abcd6
MD5: a6e7e60bc72241461ab5d878958cfd79
SHA1: a5622ec9f8d84e7b24c1a57336ed86ddb06b38c5
SHA256: 1684fa6d07d88b97035794fbb686958820e3644266da1bcc0c7c3cbbb3e1aeb0
SHA512: a6f0a3d0dcfa1db80d7cd6e95a7db3ba366f6aebe5be482afe163d18b1b1d91abfc5a6e6fb1c0fb966b5b47b852fd44f65f7a5b012eb076a355014ac3b4d4b18
SSDEEP: 12288:Av/DGzZWTwFmmn6IFZn6urrPKnQeac4UMwtQc2/EY7xN1/p:Av/KYTwFR6hun/n43c/p
Behavioral task

behavioral1
Sample: a6e7e60bc72241461ab5d878958cfd79.exe
Resource: win7-20231215-en
Malware Config

Extracted: vidar 8.2 237 http://refenansoro.com/
profile_id: 237
Targets

Target: a6e7e60bc72241461ab5d878958cfd79
Size: 604KB
MD5: a6e7e60bc72241461ab5d878958cfd79
SHA1: a5622ec9f8d84e7b24c1a57336ed86ddb06b38c5
SHA256: 1684fa6d07d88b97035794fbb686958820e3644266da1bcc0c7c3cbbb3e1aeb0
SHA512: a6f0a3d0dcfa1db80d7cd6e95a7db3ba366f6aebe5be482afe163d18b1b1d91abfc5a6e6fb1c0fb966b5b47b852fd44f65f7a5b012eb076a355014ac3b4d4b18
SSDEEP: 12288:Av/DGzZWTwFmmn6IFZn6urrPKnQeac4UMwtQc2/EY7xN1/p:Av/KYTwFR6hun/n43c/p
- Vidar Stealer
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP.