Overview

overview

10

Static

static

build2.exe

windows7_x64

10

build2.exe

windows10-2004_x64

10

Resubmissions

17-06-2022 20:38

220617-zevjfsfgf6 10

19-04-2022 05:58

220419-gn6c7sbef7 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    build2.exe

  • Size

    603KB

  • Sample

    220617-zevjfsfgf6

  • MD5

    a13e3b18282318c65f096bad322b3c50

  • SHA1

    2c76179e95e583b588bcd516e94e7a2da52d5299

  • SHA256

    ba981a94852325debf0e4b478266f6efd8e4e9c5b149fd9ad277be0be5045768

  • SHA512

    acb009f4b622ab7e8729dac2c45da975ba2305612c9575e5c8ce221edecf2d49da2236fc28b00d8f424a251765b935d8acce7bf40a1557d9fc79ba446250e786

Score
10/10
vidar517stealer

Malware Config

Extracted

Family

vidar

Version

51.4

Botnet

517

C2

https://t.me/hi20220403

https://mastodon.social/@sam5al
Attributes
  • profile_id

    517

Targets

    • Target

      build2.exe

    • Size

      603KB

    • MD5

      a13e3b18282318c65f096bad322b3c50

    • SHA1

      2c76179e95e583b588bcd516e94e7a2da52d5299

    • SHA256

      ba981a94852325debf0e4b478266f6efd8e4e9c5b149fd9ad277be0be5045768

    • SHA512

      acb009f4b622ab7e8729dac2c45da975ba2305612c9575e5c8ce221edecf2d49da2236fc28b00d8f424a251765b935d8acce7bf40a1557d9fc79ba446250e786

    Score
    10/10
    vidar517stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Vidar Stealer

      stealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks