Overview

overview

10

Static

static

light-setup.exe

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    light-setup.exe

  • Size

    453KB

  • Sample

    221207-prezesaa61

  • MD5

    097bac4bf64c9bc3429029958a78abed

  • SHA1

    7c19e94af5f7d36d573152ba736618b79184e234

  • SHA256

    cf87c259febf285b9b28a02563b1d08ce92554c268c83322f59ad45cc14361d6

  • SHA512

    f7e0dc54fd4d0576e2ed1fd04c9e6d262c0558634d8c5e5435b5fbd501b95722a940344767bcff294bbfc094be4c46f84d8553ed47c42a28c33445942c5c96ce

  • SSDEEP

    12288:rzVtFFIkfyPV9VRrjCR5TJmkuSiD63cZ2:vbIkg9HUz/iD6sZ

Score
10/10
vidar1375stealer

Malware Config

Extracted

Family

vidar

Version

55.7

Botnet

1375

C2

https://t.me/deadftx

https://www.tiktok.com/@user6068972597711
Attributes
  • profile_id

    1375

Targets

    • Target

      light-setup.exe

    • Size

      453KB

    • MD5

      097bac4bf64c9bc3429029958a78abed

    • SHA1

      7c19e94af5f7d36d573152ba736618b79184e234

    • SHA256

      cf87c259febf285b9b28a02563b1d08ce92554c268c83322f59ad45cc14361d6

    • SHA512

      f7e0dc54fd4d0576e2ed1fd04c9e6d262c0558634d8c5e5435b5fbd501b95722a940344767bcff294bbfc094be4c46f84d8553ed47c42a28c33445942c5c96ce

    • SSDEEP

      12288:rzVtFFIkfyPV9VRrjCR5TJmkuSiD63cZ2:vbIkg9HUz/iD6sZ

    Score
    10/10
    vidar1375stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

1
T1064

Persistence

Privilege Escalation

Defense Evasion

Scripting

1
T1064

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks