General
-
Target
TradingView_Premium_Desktop.zip
-
Size
128.4MB
-
Sample
240910-sc4wsa1bne
-
MD5
6c4d24e1710a14c832915379822f2621
-
SHA1
ad72520e04da40d40b483d3e54413328c676d2e2
-
SHA256
54ef15a9bcf37372f617cc0a10b5a77c6de142ecd3e41da3d2df163c49dfd3dd
-
SHA512
e9618cb20133390bfa2dad2c3377560d96334825a6888dd8e2777b057eb2ca5dda979044d80bb95823ea5195077365e696acc18aab970c22d7b242ce9c7cb6f3
-
SSDEEP
3145728:pSeRRBQsZpVHeGqX+VDWG29+MyRPjgIevC1zv2lnDYe3I:zRBQsZpF/oKz29+ZPcIsCpEDYOI
Malware Config
Targets
-
-
Target
SDK/Assemblies/Microsoft.SqlServer.PolicyEnum.dll
-
Size
51KB
-
MD5
bd9b59cfba17d0036cff233327b0fcfd
-
SHA1
bc8e1f40d84ae45e6b50dff9f9990495d674b9e1
-
SHA256
0e5e0d084ed8de6d7160d12155701449e6b23ab3898bce9477f0dfc9491ce3b1
-
SHA512
bbf8d7bfdd56feac2eea20615d4a055972b9ee26074524cafd28e8f1c99a65389074843e7a3dbcd1b66595663cb063549d68b25b72c00c220dd4a80899f31f3f
-
SSDEEP
384:Au1H0hEsIJWX8F7RgaWn/lFoZCgiWbcfXeg3/c0z1h4mbjLXHIJUpXNeWDeLWDhv:dDcL9KiMGAx/o
Score1/10 -
-
-
Target
SDK/Assemblies/Microsoft.SqlServer.RegSvrEnum.dll
-
Size
83KB
-
MD5
67373cc732008e4994d7cfa9394cb0e0
-
SHA1
b847e0e2e35e7cbd9b40d96f3fbfbb00523d8411
-
SHA256
84aa625ce6e72edc3a6c59630117ef35ef4951f53f828a96026dba10b653e1fa
-
SHA512
869b18c3fe6e564843781561b3d4cb502bfec24872933af0127344535ff259a040544193d19b26ffd7a69289bb8389e77f3e7e3946d657d2e00a0cfe18fb7130
-
SSDEEP
768:eFs7OrM8rjYrg8LSp+yKWys5JGTttoZuCMGA4dV:6s7OrXjYl8+yKbsiZC3dV
Score1/10 -
-
-
Target
SDK/Assemblies/Microsoft.SqlServer.SString.dll
-
Size
43KB
-
MD5
5441b981c0893e8f5766257bbb85170a
-
SHA1
1320c23c0b15d926db16ed1901769f6b9a717769
-
SHA256
e72db19c34536428706409e1e5c4bb41e8d22492d6076854f565db19fa6c3b19
-
SHA512
75b1eaece2507bfb22578d57ba612fa2b53276f3b87e0536c179ecbd4d3d761c6aed8208357b5e8b8e441855299731fd9e9c1225ee603ee768ae1a59243a594d
-
SSDEEP
384:0lqB3Kf3a23a23aguJ/AerhW+TdRqP92KzwzuWdzGWkhPapBjTeajCmTtvZkHlHv:lDLLserY+Td01IFsGA2tSpSo
Score1/10 -
-
-
Target
SDK/Assemblies/Microsoft.SqlServer.ServiceBrokerEnum.dll
-
Size
55KB
-
MD5
ea2fb6ee4e5da5c05315f80ef4b66db2
-
SHA1
775e8280bc20663ae429ff37f946b88a33425adc
-
SHA256
a22480335f902f373444900d424563df8ee7fe87092c48edcf96ce0c66e2de9a
-
SHA512
b57383d80883b4282549976dc516b35a9fc9a9579ad93218abd80bbfc6eeab8d0485dd47cbb5a9e3e86f8cfe1a92097cede70b905c7b0d58ed2952c1d1e76fac
-
SSDEEP
384:EASpuEf1o3tZp/NtrYCHCkV5rcqoN0QEkxt4SEBsi39zRX3jt1QMXHpRARQg5B6W:RC9XHBKwbUGAyMT5u
Score1/10 -
-
-
Target
SDK/Assemblies/Microsoft.SqlServer.Smo.dll
-
Size
3.4MB
-
MD5
62afcd9cf3d16c3e6fcfc03bb25ae4bc
-
SHA1
cecd97b7f226baf4101e43a7b301ab97ae33359e
-
SHA256
da94df6df6b07b0fa84923c0fea229b8fda2243b10506637d1abee066ba5a0db
-
SHA512
e6fdf8723a03e81e4e0e07651fc55d3479d84deeb90508d3d4a4d812630a87e022101f803ee7adfd4707012cccbdcd1d699334744e051f0607f6d903a0cca336
-
SSDEEP
24576:3ac843VRxz32FZTyIyeE24oX9A+2lnNrMwk4+4FleCiDE:qhTZolNrMwkb4Fle6
Score1/10 -
-
-
Target
SDK/Assemblies/Microsoft.SqlServer.SmoExtended.dll
-
Size
227KB
-
MD5
9cacccbbdf4d35ebea8344779ed7130a
-
SHA1
0fe7d3bad6cf74d55be87bb7a13680ec7a857c3e
-
SHA256
82e20463ecbe2eb8d1439a7d5bb98eddfdbeb40ce49347c9cd8df199ae7d3079
-
SHA512
2c68c6389d858549b1a9b133965413c29588d6cb7d14600013fab5ae53b735b50e7752916e768dd90e9f38a54c6f3e7d9a539e22073ed368b14d173eb6739c2d
-
SSDEEP
3072:Fh9BnbYJJ9QjtVlW1qCrLef38XIpdgbpJxZ0B:NBnbmrALKq6Lef38SQpZ0B
Score1/10 -
-
-
Target
SDK/Assemblies/Microsoft.SqlServer.SqlEnum.dll
-
Size
1.3MB
-
MD5
443d02f94074380ae287280cdf9d7d03
-
SHA1
341f88607e6d056fe10dc16204851e0bffe7a41e
-
SHA256
08b6bc199d9fbe5720906cc2dcac17ca7f18154f1254299c0b278caa20be537f
-
SHA512
1cddf82de8dcbb8563ff54e497e0cde2e813145320fabc3ce118eb3974e917436610b9014a5b49da03a0e854f02f2ac0c170aec5ff03e3a58aacb10e4b3e75d3
-
SSDEEP
12288:7wB8t7nUWjjlVELu3i3+34A0ajD21bMPhA+FDnqqKga0FtYH6Ml4rYESZjOy1jlo:7wB8t7nUW2y/OH07db46RRfMk
Score1/10 -
-
-
Target
SDK/Assemblies/Microsoft.SqlServer.SqlWmiManagement.dll
-
Size
175KB
-
MD5
9cb67c8356e30edf2607f7a21f1c972d
-
SHA1
527d29288669b6452ad89ef7adce187468d5240e
-
SHA256
982ebc8d7c9186c7b6a181b308a540dd6cdd1fb2f874cfe5a0c100cb03838a10
-
SHA512
473521a8d678bb1374512235a9d507ab91be758bebdbfe73fbddec158aadb167a9b69cfad8657f9a204ea9cf9c71ea0f03765e23b44c54cf45de8bf474035d7d
-
SSDEEP
1536:m7mfQspwbV696AUP+PYQOgr8eD4ahDkDWH02Dt+v1/Hb1XG7ml9LJXEtCEwbbKBO:RpcVA6AUP+PYQOgrxDphDkqUQZPQWOB
Score1/10 -
-
-
Target
SDK/Assemblies/Microsoft.SqlServer.TransactSql.ScriptDom.dll
-
Size
2.3MB
-
MD5
515a692785f4f9a59ed8174cf2f7b3e8
-
SHA1
b9708d762b24aaca22fd79461d8ee8752ebb97aa
-
SHA256
4efdc459492b8a3ede761cb733f7d69a0dc94215f94812542741110f40abd094
-
SHA512
81c680cbb93d50d30f659b9793460c14af5bbad74a72facebadfcb8beb6fb8639604c9c5352b9a1a323970fd0549c5982edca3eae0c62fc925914b3482d9ae75
-
SSDEEP
49152:Aws5oX+QgFYoCqK6/sA2xVo7FCs/Z5ErGD5N:AzZ5E8
Score1/10 -
-
-
Target
SDK/Assemblies/Microsoft.SqlServer.Types.dll
-
Size
374KB
-
MD5
25656a196ed967bcd4b152a4073b8b44
-
SHA1
a9b64b8a42c9da3243378f2a17a9ff8057154116
-
SHA256
36c3e5efd0731ccf5ac9a341c488b4fd14c69747f5a3f6e4cd976a7c1288b3b0
-
SHA512
3903556d2130a219e9795856a14eb28926e3b798eabfe96353300ccc1c11925aff2f417c9ca588f2ddd0df47d6a64517980a39752edade9ad725f6ee4aa16383
-
SSDEEP
6144:OVcpT4frcU6MM6Hymh8qME8h2x1mobeug:vMFRx105
Score1/10 -
-
-
Target
SDK/Assemblies/Microsoft.SqlServer.WmiEnum.dll
-
Size
55KB
-
MD5
d576355d5dd6e02dd2c683fc67b6b3c2
-
SHA1
8cd6e40897249f6a408f5d7b3e5826fb23f45203
-
SHA256
e57d10b38aba9ed41f17409e5478554674bf92382991581436325d6ad3dc00fb
-
SHA512
3bf5bb530c13363cdcf7cc07ff6ec86e7b21031183d4dac5e5e0d73769defbd5c9b9b626514bd24584f86d077bc9598422d07e4d705a49b3159a67b46131edf4
-
SSDEEP
384:xj1pnizDV1snpZg8Uidrd8pIgUmpHNQ07KO0/0NWocx7vEjJ00TMPqIWLzQWYhPs:xxN0yUIrd8ptTHNQl+YqiGAMwUvt
Score1/10 -
-
-
Target
SDK/Assemblies/ru/Microsoft.SqlServer.Dmf.Adapters.resources.dll
-
Size
39KB
-
MD5
6547e53eff377a7fe5927150db6894e9
-
SHA1
979c4c2247d09e239a702ab14467839ab5532f53
-
SHA256
5efb3de427e369bdbdadb01d7f8f72f4d76a086b68af148e8771b43303b99a53
-
SHA512
40f51fa157abb81f7283ecda4b38481941b295c5bef0295cb9660f0201fbc19a02215fbef59924018eba7778b99d90565719abefee7c10540e2307fa5d0f2d46
-
SSDEEP
384:eOHpjEIE8afBdDmYq+vduijkWOhPapBjTeajC7awivZ/lHMX:TJYjRfAGAZawiXi
Score1/10 -
-
-
Target
SDK/Assemblies/ru/Microsoft.SqlServer.Dmf.resources.dll
-
Size
55KB
-
MD5
7e649c8d1bc71af97cf8c004815b7ab6
-
SHA1
e5f60dd53e7ba495a749aa78cb409cf8d51b01f8
-
SHA256
58bf3f60a6e600b818937b0f04503668258472b466ea35aecdd62e6ade2e1fff
-
SHA512
64cfc9db9d5a499f727169e2d6ccfd73c84ce797bf9697706032928c1ac607937c2c8326d453108cb41d130ad0ee61ae761ee10d2ef744e1975e660247ec80e4
-
SSDEEP
768:UyAy9zf1J1D6FCaV5L/bH7wohyTITDofwMHuMGAnoW:Uy/1WncTITGwiuAoW
Score1/10 -
-
-
Target
SDK/Assemblies/ru/Microsoft.SqlServer.Management.Collector.resources.dll
-
Size
26KB
-
MD5
d829449eef017a0c9c777e3063cda7da
-
SHA1
648bd9c9b0e3f800dd4f5024c7848ee8cf68ee16
-
SHA256
d49808ccc6685f911296f498b82aa56ae2e27ebd191ee52cb01c43baa51de92c
-
SHA512
1e8774fc98f89ada70d61c45796afa4aa11ae9f8f213b425390b93061119983ec6042bf22142ec57d4885200f5bb581b49890d45bf4a441ecdba0c917fe50ece
-
SSDEEP
384:75dnDbttJRGGD7XW1hGeDpBjTeajCgSPvZllHMjDy:7fnJRtIMGAHPhaG
Score1/10 -
-
-
Target
SDK/Assemblies/ru/Microsoft.SqlServer.Management.CollectorEnum.resources.dll
-
Size
43KB
-
MD5
d635bf17d8e0d92cf5e241986013e81a
-
SHA1
bcdbf71d277edbf80121b31e54846cd2cdcb384d
-
SHA256
22ee683d767ab6db0720368f492a702df0bf66508b4ab4f20cb5aa0d1439b3c8
-
SHA512
64eb1827b5a6860c57c95f155d30f524d735a676cda8d38b2bb321b5e95f135708eabeaa6876b14d83dfe8d5085f279d93720fc8b9148dd81f4a759585d3766f
-
SSDEEP
384:2hx39sKd7CSMslDoRVxPu3JOwpZVYftBE4IcpUFo+3q21W6HNpH8WIhGeDpBjTed:T57+b2MGAA2h
Score1/10 -
-
-
Target
SDK/Assemblies/ru/Microsoft.SqlServer.Management.Sdk.Sfc.resources.dll
-
Size
159KB
-
MD5
f5c22ca3d5b02e055be2c2ce3a9db1e7
-
SHA1
762bc7e6db05b42e43ee9036abe8526b24ce8521
-
SHA256
b8d37fadc38ad42c60a001f2e1068f1cf60678a2325a53f73b46563e3c1d314c
-
SHA512
7701022805a4847231b213c10f97f9693de2b40e95aba0e18e350900e79c4c2451b7b2bf02aa9e91bddca7382307a18e9224e6cc4c8aba29f1bd519acfa76bf1
-
SSDEEP
3072:hQBHenBLSS0Urzs7MnTKdBrt9nR1qZF1LW:hQBHqAwLW
Score1/10 -
-
-
Target
SDK/Assemblies/ru/Microsoft.SqlServer.Management.Utility.resources.dll
-
Size
71KB
-
MD5
3f6240a971fe3591c283f75ed6214dd7
-
SHA1
64acd1458a88df28cf9ef795fd0b39593468eb7c
-
SHA256
3b3283f8813584aef08a8c1267821f50e0b781a1a01ce64e4dc3c92924434962
-
SHA512
559bdf6fae4f70856c0bc95ce3115c110d2ab9f2eff5c04a0874bf5f6fad886a38f116dcdc5af10a3bcf85a8bb725b30a2f7024ed0dcbee96d5d7c70fa68a9f8
-
SSDEEP
768:/toRlBTyKkx3e3hnRV5y2xNOYTK6lP2IxCYhYdXUg9iCfX3h3jGAAInMnSX:QNR+YhY6g0kJjjneSX
Score1/10 -
-
-
Target
SDK/Assemblies/ru/Microsoft.SqlServer.Management.XEvent.resources.dll
-
Size
47KB
-
MD5
aeaf10add3973e83f837fca0b228d849
-
SHA1
52c737453a3cc60e72d23eefb30f1c479b2c492f
-
SHA256
b0be14db54d5416c19214a9d134f611dd100871cdc8d2639cb2fa123b09de8f9
-
SHA512
763d894dbe4e915052ee7cbee48d9f8f9b8d33872638660447d4d929b01f106c5823ef8473c3caba71a618eb9279ab64e4b7f7ebb5d8e8e798d7b31cbcdbbe59
-
SSDEEP
384:lBq19Gl12cos+wLxA9vdy/rjrNmEsDvBBj01QBBjI+4VREVREVRNFVRaVR2VRxUE:vm9s1zoLd9Ijr2Ds1PQdIDuSNGAIC08
Score1/10 -
-
-
Target
SDK/Assemblies/ru/Microsoft.SqlServer.RegSvrEnum.resources.dll
-
Size
21KB
-
MD5
c9cbba1cad4aa5a26387e74636fb81c3
-
SHA1
1e8d518e27c6fe2c154e01732ef70f35b0b22433
-
SHA256
376ae73797be14f549dd624c42cb2fc912668edd30fd65e2e2525b884020ba03
-
SHA512
586f2dc3d74fdfdb4e6223a04f36389f04540a1c08f14aa103416828b1b740047c2ec4b24789376011e8f90eeeb5cabc43616c6eabc2c4c8627495591536969e
-
SSDEEP
192:I6Gor39Zrg8+VnFW6/jwObdhoAapBjSebyaAqjkKiTbejPWEOU6juZVWQ43W0jl9:5aVFWUhPapBjTeajCEzvZeYlHMsI
Score1/10 -
-
-
Target
SDK/Assemblies/ru/Microsoft.SqlServer.TransactSql.ScriptDom.Resources.dll
-
Size
38KB
-
MD5
8f6441e89bc570ef2a2f70ce84503823
-
SHA1
77801da5f4aca4ad213a7a446f096c178d261c04
-
SHA256
1a7b8128d6ac2c1338c999d9fbceffe41de1a258ef348885943c08276b4e46ad
-
SHA512
cb902f13d41722d55c303bce19a99f5537742dc51bd905f984de11e95e890472561309c429eac8ea791d2c6fb3f21db214b908bb2058f87e439e0bb6e3e39e9b
-
SSDEEP
384:ecGSgp1EETUwP+RBOR+9Lxzp+8s1islYsWXhPapBjTeajCcCJvZrlElHMN0:lgp17T1m9lzp+gZGAXI80
Score1/10 -
-
-
Target
SDK/Assemblies/ru/Microsoft.SqlServer.Types.Resources.dll
-
Size
55KB
-
MD5
338f6249d89d1f08a492a61d9100ab1d
-
SHA1
5dbe1b5c859f047407de278e0e40209fa52ad84b
-
SHA256
4ee9253f96926c3aeced3f0228aa6540e651885294c9206ea9b790af128ed597
-
SHA512
6841e55cb2667c20d8ed22d8db41f6907d7344b07e8ab9cf6f1d03492edf10ff6d1c564a041b2e16c99aca326d402289651eb572122c4d5b0b97479495c5c977
-
SSDEEP
384:RiF3JxhFi+OjN2gMSGeDvHkbjdoqWShPapBjTeajC1vZqlHMI:RiF7hFsjN2KGeDvEeuGA38V
Score1/10 -
-
-
Target
Shared/Microsoft.SqlServer.Types.dll
-
Size
374KB
-
MD5
25656a196ed967bcd4b152a4073b8b44
-
SHA1
a9b64b8a42c9da3243378f2a17a9ff8057154116
-
SHA256
36c3e5efd0731ccf5ac9a341c488b4fd14c69747f5a3f6e4cd976a7c1288b3b0
-
SHA512
3903556d2130a219e9795856a14eb28926e3b798eabfe96353300ccc1c11925aff2f417c9ca588f2ddd0df47d6a64517980a39752edade9ad725f6ee4aa16383
-
SSDEEP
6144:OVcpT4frcU6MM6Hymh8qME8h2x1mobeug:vMFRx105
Score1/10 -
-
-
Target
Shared/Resources/1033/sqlevn70.rll
-
Size
2.5MB
-
MD5
27d0d43f7ee9daefc96eef48620bdb4c
-
SHA1
83c84ce3c517871dec311500001db5c501d25be3
-
SHA256
4790c4c828d21865b556b48bdbb0dc84fec7e49e8fbccfd5e75c9dcfb86cae5a
-
SHA512
fd651fb3cb9335db0a26fd58bc0831a0e91c437ca1a65355b968cf0900fecab1289b6660e64220c330b00c456e1a40e6536e8ad0a3df3f58021f6c1a47861530
-
SSDEEP
12288:GgNYGl0T5TJ4IkbB84tgpciKgYLtXU558:GgNcTQtgVKS8
Score1/10 -
-
-
Target
Shared/Resources/1049/sqlevn70.rll
-
Size
2.8MB
-
MD5
35e743c24d8eda76966acf60ed8b337f
-
SHA1
9eacb67db44b21d2091a50f2d7a7ba7cfa7bfbea
-
SHA256
09c875779139587ede45c49cf14173d7ce1b68246471a4f5b67dad021e5085ff
-
SHA512
a25e279baca808528e8d9c0d824ca008a3666eb62f483dc3c9f81c503c97d22689c4ef8e525bf45844f865200f85a3b0a9b1911535fc427e51269043f5983a5e
-
SSDEEP
12288:Y2LLINEgCKk8WfQV8vdjH6m9csYVkTzwx/1:Y2pgn8vK1
Score1/10 -
-
-
Target
Shared/instapi110.dll
-
Size
47KB
-
MD5
f9ee4c23a7bdbbb94bbfff3da087b431
-
SHA1
b8dad015dcd170bc84e8ae333c66e40c7e4090c3
-
SHA256
fc988b3fad95fd8ad36d829c9bfa2f36dcd517de674705a3928ad3384354f34f
-
SHA512
9ba5b2865854929f6ce41139c0a2db61ff49291b0a4e8a0ba653ed622406c0cd9eaeaa4df44fccddc03f0ad621ae75db071d93b76454d4be468334069d8bf5dd
-
SSDEEP
768:6YNhRVG+vZ0Q3V0qOflcSpvxxqGdhO2zUGA1el:Nt48Z0hcexKEUJel
Score3/10 -
-
-
Target
Shared/sqldk.dll
-
Size
1.6MB
-
MD5
9284cdf83b7b75720344b616864e8766
-
SHA1
0ff8fe5eed78440044f1b6afe117e91d2453744a
-
SHA256
5ab3dfd1f5c303688593e8779dca3fdeb3075647cc675df4d3a23a0a3f90f84d
-
SHA512
6b9fbcbafe732720e3bc7b4ff15a1349b55d46fc760ab2961193c4103439aeaa1313a950436de80fa6d2c78e9e4334a1d64c157046ec4ce41c2ce32c6df2665c
-
SSDEEP
49152:aBTO/KEiThdwXGn736mpSLa2CWtvhpW6xaf+MBAm7PdQJDdwczf4jW:ZyDThKmWtvhpW6xaf+MBAm7PdQJDp
Score3/10 -
-
-
Target
Shared/sqllang.dll
-
Size
24.8MB
-
MD5
29f692b545d0493d4d2257439c6969e7
-
SHA1
fccfcd17acf600abafe4671be0a1e0d9c06ce3f6
-
SHA256
f51cf85cfe31f0b447ad5d6000d176b64de50b5e7a09a0af9f59c0a23cbc729c
-
SHA512
dccdd19aba438f40fd944988f4431a905633cd29048de3b45c924350db67ad481bb221546c41145de93bc1f210c5c9e830a6dcb95127c04f8c80924647f027b0
-
SSDEEP
786432:bNCDpdcZRUQeXCcIOwpjfUwLMusl6xVxKwDu5ZKj0YPmSRVYUzFLSm9GPW22hlcB:bNSWaQeycIOwpjfUwLMusl6xVxxu5ZKu
Score3/10 -
-
-
Target
Shared/sqllangsvc.dll
-
Size
51KB
-
MD5
fe645bdecf22601e9fdc293aed23ba0c
-
SHA1
a665dd12847f2f19a18e68329c98ec543e295027
-
SHA256
b5108ecfc1dd73e8023d609d5edd8e6dbc5279991a0ae1628f0ca2932b61010b
-
SHA512
43ac5d53d58c18c0983cbee628ff31dd3ad643b6b9e2ae1bae6d604885538a6733eb05551984dd7cbbb2ae00904e43ba3755ee007c83f874d0627d891e4162b8
-
SSDEEP
384:3xZhtomhKV3lOIEPiswqIWqmxD/lmXruk76OeyO4tepvgizbPVHMgBqPWbdWEWr3:DhteQ/RxlcrP9evjbdH1nlWhMGAedt
Score3/10 -
-
-
Target
Shared/sqlos.dll
-
Size
23KB
-
MD5
d5678b23d062bd0acdc4b6d9e88c9585
-
SHA1
0f9ea289f11eec5b5bc8a00f70d36b84b33f8455
-
SHA256
c8fe018e57adbb1a5328192e8e9be4a5eb15829ff5ab2713b00c6be7dca98e1e
-
SHA512
353669e3d65153425f45fcf0c63b603de96a1213aee9db824865c2a80955c465b2e382f01dc91baf8505ff8b970555cccafacc88f4fb4eb20d32bb1f75703d90
-
SSDEEP
384:XkA5+yhXPVGfPPWY7W/hPapBjTeajCCcwvZQlHMv:RhXdyL+GAISm
Score3/10 -
-
-
Target
Shared/sqltses.dll
-
Size
7.8MB
-
MD5
344479af61cacc9c64bca055297afec1
-
SHA1
cc5e66e6dffa8a243193a8d25424dd81c8d85eac
-
SHA256
ab859a1d945cb99e2e52e218ef442234d1436f9aa9a81b76ebf85068ccdebc05
-
SHA512
cf76823c207ccbdc298a863b123c9a84e28e3e41c796ceb55d77fdebaa0ed9f7eb5262efd39bd393cc86319d98275a485e791d3d28b2f92a8d9d69866ba946e7
-
SSDEEP
98304:Pcd0ZA68mlyCINfopv58AROqst91tJ/maN6oOv58ALBU10BV:ksZOGJROqshtJ/FiJLH
Score3/10 -
-
-
Target
Shared/xe.dll
-
Size
399KB
-
MD5
063ca314262d277a92189028a9e094fd
-
SHA1
3f8fb62d6b38ae258dbffda4d9470c78753c3814
-
SHA256
0ec09cd7d58aeb260fe82ca79ad16c353d7053a665d98f4deb26eba5e2b6e9d3
-
SHA512
0ef025c85545377d67562bef8744c0966262fd5ffe7fded4a9958ad01cab19e319b7f29fb45d4187a4930611d6b0dea0be32097cb78ae8423934080f7038193f
-
SSDEEP
6144:w92cdRECvTmwWWx3t7893HQPRe/3maKQM:wYVCbm7m3F893HQsfmaKL
Score3/10 -
-
-
Target
TradingView Premium Desktop.exe
-
Size
780.5MB
-
MD5
a8d7c0aebbf520ff186e9d714edfe68f
-
SHA1
15926337348cf7e2944a0b873a0c77045cfc4fd2
-
SHA256
daed590e02f1a581ea6ddf5b74eddb71c7098207f996388a41741c2324d52778
-
SHA512
b3684ea3684dd74f42ad8364692fa9ccff323a22a816c80215b63318e6686b36eab14b09c546a54a655b845921af1457e41af99e3bef79b2456748fdc454994f
-
SSDEEP
196608:/W4aUXOrv/W6+gA0ljsRiDqiEpeZEHRQDQtCzEdowpzok:+4aUKvuMAijs4DqRMEdowpR
Score10/10-
Detect Vidar Stealer
-
Vidar
Vidar is an infostealer based on Arkei stealer.
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
4Credentials In Files
4