General
-
Target
3d9b1ddce39d90bb1efa52a5f866f74ea8b9acb922ec27fb15b753e45c864c90
-
Size
56KB
-
Sample
220215-retcdsffe8
-
MD5
52d5dab06aa1b976bb7c584b36f95c2d
-
SHA1
b5b3cdd6e1ac21f8382991240cac3d50af63f967
-
SHA256
3d9b1ddce39d90bb1efa52a5f866f74ea8b9acb922ec27fb15b753e45c864c90
-
SHA512
7aeaae80477fafc739a1fd3e98d2646af080a54bf8aa78d7c8ab38bef75577d59bd2b868c5d5d8e1108a0d3c4cc10dbe2fada31cf7073b89030526d619c29e9e
Malware Config
Extracted
vidar
48.1
754
https://koyu.space/@rspich
-
profile_id
754
Targets
-
-
Target
3d9b1ddce39d90bb1efa52a5f866f74ea8b9acb922ec27fb15b753e45c864c90
-
Size
56KB
-
MD5
52d5dab06aa1b976bb7c584b36f95c2d
-
SHA1
b5b3cdd6e1ac21f8382991240cac3d50af63f967
-
SHA256
3d9b1ddce39d90bb1efa52a5f866f74ea8b9acb922ec27fb15b753e45c864c90
-
SHA512
7aeaae80477fafc739a1fd3e98d2646af080a54bf8aa78d7c8ab38bef75577d59bd2b868c5d5d8e1108a0d3c4cc10dbe2fada31cf7073b89030526d619c29e9e
Score10/10-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Vidar
Vidar is an infostealer based on Arkei stealer.
-
Vidar Stealer
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of SetThreadContext
-