General

  • Target

    12587c1b10db42589b5b5cf8c14198752c6807d0480fac55e024210d0b915285

  • Size

    555KB

  • Sample

    220603-t5svnagbhl

  • MD5

    8908e1556eaa543261fbadbea56ad2e9

  • SHA1

    8da4f5d3c1059a3f256ac64a4da0909913c9d123

  • SHA256

    12587c1b10db42589b5b5cf8c14198752c6807d0480fac55e024210d0b915285

  • SHA512

    19dc971087a9ba0c282032d4eaa99f459e0d475a25ec231773c397f544f819f849c860d3bc590d8fe9a06d29dde833c469bcaacbdf32271c9fb2bb2fd761b7f6

Malware Config

Extracted

Family

vidar

Version

7.7

Botnet

93

C2

http://search.ac.ug/

Attributes
  • profile_id

    93

Targets

    • Target

      12587c1b10db42589b5b5cf8c14198752c6807d0480fac55e024210d0b915285

    • Size

      555KB

    • MD5

      8908e1556eaa543261fbadbea56ad2e9

    • SHA1

      8da4f5d3c1059a3f256ac64a4da0909913c9d123

    • SHA256

      12587c1b10db42589b5b5cf8c14198752c6807d0480fac55e024210d0b915285

    • SHA512

      19dc971087a9ba0c282032d4eaa99f459e0d475a25ec231773c397f544f819f849c860d3bc590d8fe9a06d29dde833c469bcaacbdf32271c9fb2bb2fd761b7f6

    Score
    10/10
    • suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
