General
Target: 9022cbe35fa75e1a3a71f754a4603306
Size: 424KB
Sample: 231219-yzspxsbffm
MD5: 9022cbe35fa75e1a3a71f754a4603306
SHA1: 12514c75aa710ff5de150c259eea47c30821a6f7
SHA256: aa19fb7d4f44f064ce6a6b5d8fc657d557fbe0d6c43082ea33011a7b17d903b0
SHA512: 407ed7fe5f93253570ea1d0fba496876e1c5d7efcc3d051c655169c235167d05068d4a127f9ba3a52cf0db4ef3ea03afeaa668adc222fc948d956930603c7789
SSDEEP: 12288:v24e3d9nff5fNsxmbZjMWDKZ/8DPt8ydtPv:wd9nff5WxmbBdDqkPt8+tPv
Static task: static1
Behavioral task: behavioral1
Sample: 9022cbe35fa75e1a3a71f754a4603306.exe
Resource: win7-20231215-en
Malware Config
Extracted
vidar
32.5
237
http://freedomainsdesign.com/
profile_id: 237
Targets
Target: 9022cbe35fa75e1a3a71f754a4603306
Vidar Stealer

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.