General

  • Target

    GitHub Desktop.exe

  • Size

    3.5MB

  • Sample

    221123-mwnq1sad2t

  • MD5

    b4997c79cfc3aadcf67ea98b35d02416

  • SHA1

    7c439b88a9f8bfadb02ae1a3eab10130fcc7fcec

  • SHA256

    e358ccc2222e1f8acc1ccbe3596f50fbb24d7e744850df3c04eca6c5eeeba2e5

  • SHA512

    58770e14fabf655a9331cba7e283c3dfc8f4eef5a5c63502a5cf7e34b43a2bc6e6b431e392f5e06c02119ca1f87c329fa26f0b3c9653b4d9fbb1b029c8626c38

  • SSDEEP

    49152:fdGRbHsngxm8dAEWPZkjf7xvPSPYl/mJpA6ZD5Uu66n3:oRbMnd8dAEWPZkZKP2mJpACDv/3

Score
10/10

Malware Config

Extracted

Family

vidar

Version

55.7

Botnet

1340

C2

https://t.me/deadftx

https://www.tiktok.com/@user6068972597711

Attributes
  • profile_id

    1340

Targets

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext
