General
Target: c12b74ac5f1b7c8b232f1b2fc830739e
Size: 686KB
Sample: 240311-vx3wbsbc69
MD5: c12b74ac5f1b7c8b232f1b2fc830739e
SHA1: 101063aea494e57423d98da511d976ce0784db57
SHA256: 4fd5f26eddfdc90a90dc20e8109caa2c10a71ecfd86a10ca94899ada0733e453
SHA512: 6368bc1bab671007dc1bb511f681ad3c92f9f759df247718dec1b263e2dd96438fdc9fb9d3e1b59b94e42b9fc97333296987f75163688a36f3fbb11f8ae752e1
SSDEEP: 12288:e2s0BhP2PFro43nQMmo4RRNc0g+W2rQeQlAi3l0XLoRPi9:ZscQPFc8HTWK0g+W2rI6kRPi9
Static task: static1
Behavioral task: behavioral1
Sample: c12b74ac5f1b7c8b232f1b2fc830739e.exe
Resource: win7-20240221-en
Malware Config
Extracted
vidar
39.9
921
https://prophefliloc.tumblr.com/
-
profile_id
921
Targets
Vidar Stealer
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-