General
Static task: static1
URLScan task: urlscan1
Behavioral task: behavioral1
Sample: https://download2275.mediafire.com/sy4yu80ddjzg/bo4rvig0uux6rvl/GTA+Mod+menu.rar
Resource: win7-20220718-en (windows7-x64)
7 signatures
1800 seconds
Malware Config
Extracted
Family: vidar
Version: 53.3
Botnet: 1375
C2:
- https://t.me/korstonsales
- https://climatejustice.social/@ffoleg94
Attributes:
- profile_id: 1375
Targets
Target: https://download2275.mediafire.com/sy4yu80ddjzg/bo4rvig0uux6rvl/GTA+Mod+menu.rar
- suricata: ET MALWARE W32/Agent.OGR!tr.pws Stealer
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext