General
-
Target
3fb54645fba660ad5c6824ccff364832
-
Size
543KB
-
Sample
240104-dd4vvahhg7
-
MD5
3fb54645fba660ad5c6824ccff364832
-
SHA1
107f0844fc867bda1b7f664421c92712bc2a9a5b
-
SHA256
de05db338a5854f13a46e498a6ba4484b7bd47062ed3adae9a93bb8cc767d3d9
-
SHA512
ae80fe134835548a3684a2f68248a2e55a9a1db096e0a014a8fd56173141b8a11b6f07ec982f4b096436250b9ff22edf8c9d7f6439a07ce3e8f9735a94abf339
-
SSDEEP
12288:F1Gt75Q2a/P457JGNor4kLNpJDg8RFdn5nHhhTUUmviVn0woO:k75a/PIdGiLNvJRZhFhgiE
Static task
static1
Behavioral task
behavioral1
Sample
3fb54645fba660ad5c6824ccff364832.exe
Resource
win7-20231215-en
Malware Config
Extracted
vidar
39.9
706
https://prophefliloc.tumblr.com/
-
profile_id
706
Targets
-
Target
3fb54645fba660ad5c6824ccff364832
-
Vidar Stealer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.