General
-
Target
6e22c0f2732195063cb4984c6520c3b85e1236e967f8bb05b3c1b35139d2917b
-
Size
8.3MB
-
Sample
240527-xcdrtadf6t
-
MD5
ae47c12b9320e702a9ce243193494554
-
SHA1
28181880164f5f73c611126dee950af8036e9988
-
SHA256
6e22c0f2732195063cb4984c6520c3b85e1236e967f8bb05b3c1b35139d2917b
-
SHA512
4714222f820c54a564d58607ade523699a5aa5f0200da7b7d7dcf6fd5b35635ff63592a1e7804c3360aa164733ebd677711dd33c4af8093e8d2eba7c61177d8a
-
SSDEEP
196608:Fv1W8cKlJIszteRKn1chTDQfW7ancKlJIszteRKn1chTDQfWg:Fv1W8v1Bee1chTseenv1Bee1chTseg
Static task
static1
Behavioral task
behavioral1
Sample
6e22c0f2732195063cb4984c6520c3b85e1236e967f8bb05b3c1b35139d2917b.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
6e22c0f2732195063cb4984c6520c3b85e1236e967f8bb05b3c1b35139d2917b
-
Detect Vidar Stealer
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-