General

  • Target

    50d415fba923077512d41e490dd33779946e324e271143c2975e5d45a1ab88c2

  • Size

    11.1MB

  • Sample

    220924-j75l5acbgn

  • MD5

    831a24a8133f8a337d5fa89125ec1bc5

  • SHA1

    9479575f763772b527728c44fa98fc658882eb3b

  • SHA256

    50d415fba923077512d41e490dd33779946e324e271143c2975e5d45a1ab88c2

  • SHA512

    9cd0e1a94ad2867e4f51f5858aa466a31a724041ec0efc41dfa94619e1e545fab880e6f0833b440b242b5030a6d0732aed7a283ccca51cfe8c22c7477ec5c847

  • SSDEEP

    196608:OZbAM94MZrAo9GLcZFAN9/MvzQ8nAwYECnw8sqqA7M2D30y/9d5DX:

Malware Config

Extracted

Family

vidar

Version

54.6

Botnet

1148

C2

https://t.me/huobiinside

https://mas.to/@kyriazhs1975

Attributes

  • profile_id

    1148

Targets

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Accesses 2FA software files, possible credential harvesting

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext
