Triage | Malware sandboxing report by Hatching Triage

Submit
Reports

Overview

overview

Static

static

c7ad7dc565...0d.exe

windows7_x64

c7ad7dc565...0d.exe

windows10-2004_x64

Sharing

General

Target

c7ad7dc565687b2fe2b2652ffbd135188acb4eef29c2e0d72a116bd988c1e40d
Size

675KB
Sample

220215-gyt3xsdafk
MD5

cef76d7fba522e19ac03269b6275ff3f
SHA1

81cbb61d06fcd512081a5dac97a7865d98d7a22b
SHA256

c7ad7dc565687b2fe2b2652ffbd135188acb4eef29c2e0d72a116bd988c1e40d
SHA512

e4728e26ab451ec452fbb5b61fbc7efe4c7e3c138cb91ed2a4bb75a339bf2ee1cdee9f7fa0c03fb398fea3c6dd87c5075bff0095b6e55811198865550bdab33a

Score

10^/10

vidar 937 stealer

Static task

static1

Behavioral task

behavioral1

Sample

c7ad7dc565687b2fe2b2652ffbd135188acb4eef29c2e0d72a116bd988c1e40d.exe

Resource

win7-en-20211208

vidar 937 stealer

Behavioral task

behavioral2

Sample

c7ad7dc565687b2fe2b2652ffbd135188acb4eef29c2e0d72a116bd988c1e40d.exe

Resource

win10v2004-en-20220112

vidar 937 stealer

Malware Config

Extracted

Family

vidar

Version

48.1

Botnet

937

C2

https://koyu.space/@rspich

Attributes

profile_id
937

Targets

- Target
  
  c7ad7dc565687b2fe2b2652ffbd135188acb4eef29c2e0d72a116bd988c1e40d
- Size
  
  675KB
- MD5
  
  cef76d7fba522e19ac03269b6275ff3f
- SHA1
  
  81cbb61d06fcd512081a5dac97a7865d98d7a22b
- SHA256
  
  c7ad7dc565687b2fe2b2652ffbd135188acb4eef29c2e0d72a116bd988c1e40d
- SHA512
  
  e4728e26ab451ec452fbb5b61fbc7efe4c7e3c138cb91ed2a4bb75a339bf2ee1cdee9f7fa0c03fb398fea3c6dd87c5075bff0095b6e55811198865550bdab33a
Score

10^/10

vidar 937 stealer
- Suspicious use of NtCreateProcessExOtherParentProcess
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vidar937stealer

behavioral2

vidar937stealer

© 2018-2023

Terms | Privacy