General
Target: 2fcaae73e80aefac093facddf4e25014
Size: 630KB
Sample: 231231-ktg5cafdc6
MD5: 2fcaae73e80aefac093facddf4e25014
SHA1: 02dbe04b2f1068cb786c499dfcf34895607f554d
SHA256: a0983e1772cefbf3e5695078124fb00d4333362b19a59a799811ffd2ccc2db5e
SHA512: 218e313c2d60aa4985d3759388b3bc365a74fe718be07d3b747fdb7d073fbbc66668e4a486f2d8aaeae8242700a4f60c371f40721ffd97facfb19c06e2710b09
SSDEEP: 12288:14Xa10WFCgyU/9Ct7SiRzdHTSiTfFUITI9q6LEdPi7f2Q:1l10WFlFS/DTfFUJ9qTdPiy
Static task: static1
Behavioral task: behavioral1
Sample: 2fcaae73e80aefac093facddf4e25014.exe
Resource: win7-20231129-en
Malware Config
Extracted: vidar
39.8
933
https://xeronxikxxx.tumblr.com/
profile_id: 933
Targets
Target: 2fcaae73e80aefac093facddf4e25014 (size 630KB; hashes as listed under General)
- Vidar Stealer
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2