5.exe

General
Target: 5.exe
Size: 640KB
Sample: 210504-tmq6b4afv6
Score: 10/10
MD5: 67466140accc0e7627a4066413a54ead
SHA1: 6840de50da8c11c41ea9ab7503844fe3cbc39417
SHA256: 34197627fad94070514ffbfbe93c3df4eb9ed6df897095d2bcb1ca6848a8f096
SHA512: 85cc86316f22f95a591028b07771cdfa04936440db46a115b329bcdc827112c43976470dc051876a0f24adbed57a8189a59e4c9c0ffbf1e2b330a389e104033d

Signatures

  • Vidar
    Description: Vidar is an infostealer based on Arkei stealer.

  • Downloads MZ/PE file

  • Deletes itself

  • Loads dropped DLL

  • Reads local data of messenger clients
    Description: Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
    TTPs: Data from Local System; Credentials in Files

  • Reads user/profile data of web browsers
    Description: Infostealers often target stored browser data, which can include saved credentials etc.
    TTPs: Data from Local System; Credentials in Files

  • Accesses 2FA software files, possible credential harvesting
    TTPs: Data from Local System; Credentials in Files

  • Accesses cryptocurrency files/wallets, possible credential harvesting
    TTPs: Data from Local System; Credentials in Files

  • Checks installed software on the system
    Description: Looks up Uninstall key entries in the registry to enumerate software on the system.
    TTPs: Query Registry

MITRE ATT&CK Matrix
Columns: Command and Control, Credential Access, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks
  • static1
  • behavioral1: 10/10
  • behavioral2: 10/10