Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1d3c1417ec5e609e591100966d291f888f6f4feb255a5ffaa9b75d1f9d2c1a26
-
Size
373KB
-
Sample
221030-hr4t8ahear
-
MD5
c527971eeba174c1005267f4cb1f0f79
-
SHA1
fa205ffa3464f2d2f6a4b554b6ad0f6b131a1592
-
SHA256
1d3c1417ec5e609e591100966d291f888f6f4feb255a5ffaa9b75d1f9d2c1a26
-
SHA512
8cd3533978e12d29fc9a8e5b461135f26d061ab2cc020f39f01ddd6fbfeae6f897a907e9bae4c85025e82bdf86fa87173e4bfde4a1c90957add0e0f8852faa08
-
SSDEEP
6144:X9Uav7QLCufLC4bW/3qm6jvqf/cyOAXeQS3smhco8TQ5RnsH4cOrX:NUaEDLbW/3Z6jvqXHOrThc7QdrX
Malware Config
Extracted
vidar
55.3
937
https://t.me/slivetalks
https://c.im/@xinibin420
-
profile_id
937
Targets
-
-
Target
1d3c1417ec5e609e591100966d291f888f6f4feb255a5ffaa9b75d1f9d2c1a26
-
Size
373KB
-
MD5
c527971eeba174c1005267f4cb1f0f79
-
SHA1
fa205ffa3464f2d2f6a4b554b6ad0f6b131a1592
-
SHA256
1d3c1417ec5e609e591100966d291f888f6f4feb255a5ffaa9b75d1f9d2c1a26
-
SHA512
8cd3533978e12d29fc9a8e5b461135f26d061ab2cc020f39f01ddd6fbfeae6f897a907e9bae4c85025e82bdf86fa87173e4bfde4a1c90957add0e0f8852faa08
-
SSDEEP
6144:X9Uav7QLCufLC4bW/3qm6jvqf/cyOAXeQS3smhco8TQ5RnsH4cOrX:NUaEDLbW/3Z6jvqXHOrThc7QdrX
Score10/10-
Vidar
Vidar is an infostealer based on Arkei stealer.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses 2FA software files, possible credential harvesting
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-