General

  • Target

    b0a671b7efd31ef626581aef4be6af4e3c9a7a840b6959ad66ffee186354f862

  • Size

    557KB

  • Sample

    220724-z4xecaghcn

  • MD5

    885a469df9346a97e0e4dc82a0e5dbe7

  • SHA1

    0c43af591710b049749428d00f100eeb07db091b

  • SHA256

    b0a671b7efd31ef626581aef4be6af4e3c9a7a840b6959ad66ffee186354f862

  • SHA512

    51fe933b476da96d36ed57f77433b3f3ff141935428f11ea4b1c87fc558795db8344d0eaa6faf41e7994dd14646306aafd770f429ec70e40f634ddbf4ce82011

Malware Config

Extracted

Family

vidar

Version

7.7

Botnet

93

C2

http://search.ac.ug/

Attributes
  • profile_id

    93

Targets

    • Target

      b0a671b7efd31ef626581aef4be6af4e3c9a7a840b6959ad66ffee186354f862

    • Size

      557KB

    • MD5

      885a469df9346a97e0e4dc82a0e5dbe7

    • SHA1

      0c43af591710b049749428d00f100eeb07db091b

    • SHA256

      b0a671b7efd31ef626581aef4be6af4e3c9a7a840b6959ad66ffee186354f862

    • SHA512

      51fe933b476da96d36ed57f77433b3f3ff141935428f11ea4b1c87fc558795db8344d0eaa6faf41e7994dd14646306aafd770f429ec70e40f634ddbf4ce82011

    Score
    10/10
    • suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern

      Network traffic matched the Emerging Threats Suricata signature for the HTTP POST check-in shared by the Vidar/Arkei/Megumin/Oski stealer family.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
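The two behaviours above (a request to an external-IP lookup service, then a POST to the extracted C2) are the same sequence a defender can hunt for in proxy or HTTP logs after the fact. The following is an added example, not part of the sandbox report or the Suricata ruleset: it takes the C2 URL from the extracted config on this page and correlates it with IP-lookup traffic. The list of IP-lookup hostnames, the log line format, the five-minute window and the log lines themselves are assumptions constructed for illustration; the report does not say which lookup service this sample used.

```python
"""Correlate HTTP/proxy log lines against the indicators in this report.

Added example, not the sandbox's or the malware author's code. The C2 URL is
the value extracted above; everything else (log format, lookup-service list,
correlation window, sample lines) is constructed for illustration.
"""
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import urlparse

# From the extracted Vidar 7.7 config on this page.
VIDAR_C2 = "http://search.ac.ug/"
C2_HOST = urlparse(VIDAR_C2).hostname  # "search.ac.ug"

# Assumed: commonly abused legitimate external-IP lookup services. The report
# only says "a legitimate IP lookup service", so tune this for your telemetry.
IP_LOOKUP_HOSTS = {
    "api.ipify.org", "ip-api.com", "icanhazip.com", "ipinfo.io", "ifconfig.me",
}

# Assumed: an IP lookup followed by a C2 POST within this window from the same
# source is reported as the stealer check-in sequence.
WINDOW = timedelta(minutes=5)


def parse_line(line):
    """Parse a constructed 'timestamp src method host path' log line."""
    ts, src, method, host, path = line.split()
    return {
        "ts": datetime.fromisoformat(ts),
        "src": src,
        "method": method.upper(),
        "host": host.lower(),
        "path": path,
    }


def classify(ev):
    """Tag an event as a C2 POST, an IP lookup, or nothing of interest."""
    if ev["host"] == C2_HOST and ev["method"] == "POST":
        return "c2_post"
    if ev["host"] in IP_LOOKUP_HOSTS:
        return "ip_lookup"
    return None


def detect(lines):
    """Return alerts for the given log lines.

    Every POST to the extracted C2 is an IOC hit on its own ("c2_post").
    An IP lookup followed within WINDOW by a C2 POST from the same source
    is additionally reported as "stealer_sequence". An IP lookup alone is
    not alerted on: plenty of legitimate software does that.
    """
    by_src = defaultdict(list)
    for line in lines:
        if not line.strip():
            continue
        ev = parse_line(line)
        kind = classify(ev)
        if kind:
            by_src[ev["src"]].append((ev["ts"], kind))

    alerts = []
    for src in sorted(by_src):
        last_lookup = None
        for ts, kind in sorted(by_src[src]):
            if kind == "ip_lookup":
                last_lookup = ts
                continue
            alerts.append({"src": src, "kind": "c2_post", "ts": ts})
            if last_lookup is not None and ts - last_lookup <= WINDOW:
                alerts.append({"src": src, "kind": "stealer_sequence",
                               "ts": ts, "lookup_ts": last_lookup})
                last_lookup = None
    return alerts


# Constructed sample log: 10.0.0.5 shows the full sequence, 10.0.0.9 only
# does a benign IP lookup, 10.0.0.12 POSTs to the C2 with no prior lookup.
SAMPLE_LOG = """\
2022-07-24T10:00:01 10.0.0.5 GET api.ipify.org /
2022-07-24T10:00:04 10.0.0.5 POST search.ac.ug /
2022-07-24T10:02:10 10.0.0.9 GET icanhazip.com /
2022-07-24T10:15:30 10.0.0.9 GET example.com /index.html
2022-07-24T10:20:00 10.0.0.12 POST search.ac.ug /
"""

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG.splitlines()):
        print(alert)
```

The Suricata signature in the report fires on the wire on the POST body pattern shared across the Vidar/Arkei/Megumin/Oski family, which survives C2 rotation; the domain-based match here is the perishable indicator and should be paired with the signature rather than replace it.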
