Overview

overview

10

Static

static

39BEE43DDD...8A.exe

windows7_x64

10

39BEE43DDD...8A.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    39BEE43DDD3E75352C918E0554ACAF8D8E78F0765678A.exe

  • Size

    545KB

  • Sample

    220531-3t3edsdea5

  • MD5

    f75d3f9245837bf525c550af11676322

  • SHA1

    3787b1420765f1839f072c3139220ac9a69acbb2

  • SHA256

    39bee43ddd3e75352c918e0554acaf8d8e78f0765678a0ab704513ca18822a66

  • SHA512

    7c825fbef7205331f186326464bc89c5ac2ee7fc3065edf382e0ed684c7807a738aff652c53248502781b4ee5854f54b72d357c318e1b4a12066100dc37128e2

Score
10/10
vidar237stealersuricata

Malware Config

Extracted

Family

vidar

Version

26.1

Botnet

237

C2

http://centos10.com/

Attributes
  • profile_id

    237

Targets

    • Target

      39BEE43DDD3E75352C918E0554ACAF8D8E78F0765678A.exe

    • Size

      545KB

    • MD5

      f75d3f9245837bf525c550af11676322

    • SHA1

      3787b1420765f1839f072c3139220ac9a69acbb2

    • SHA256

      39bee43ddd3e75352c918e0554acaf8d8e78f0765678a0ab704513ca18822a66

    • SHA512

      7c825fbef7205331f186326464bc89c5ac2ee7fc3065edf382e0ed684c7807a738aff652c53248502781b4ee5854f54b72d357c318e1b4a12066100dc37128e2

    Score
    10/10
    vidar237stealersuricata

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern

      suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern

      suricata

    • Vidar Stealer

      stealer
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks