General
Target: f1ac61c5cccc6e76dd193867004e2c13
Size: 919KB
Sample: 231220-vmjppsdfd7
MD5: f1ac61c5cccc6e76dd193867004e2c13
SHA1: c64243d7b3c61b0a554d47b6d33182fa3b591ee9
SHA256: f1932238ebf61f3f07165cb78f22a83432b40cc0da4f1d88a0cdb51089ecdf29
SHA512: fc129489620db6c77f835c240c1093ba58c5f0110114db3066b5f0c25a3b00e0505b8822251960abd63c7690a276b917218bd3f4e5d445ed773886fd6bdd46b8
SSDEEP: 24576:5fFokLbbpT5fA7hwAPAARV91Qb3inEc/Swt:9SkbpT5uhnYo9ybSGi
Static task: static1
Behavioral task: behavioral1
Sample: f1ac61c5cccc6e76dd193867004e2c13.exe
Resource: win7-20231215-en
Malware Config
Extracted
vidar
41.2
921
https://mas.to/@serg4325
profile_id: 921
Targets
Target: f1ac61c5cccc6e76dd193867004e2c13
Vidar Stealer

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL