Overview

overview

10

Static

static

Setup.exe

windows7-x64

10

Setup.exe

windows10-2004-x64

10

Resubmissions

28-12-2022 12:39

221228-pvn2hade3v 10

28-12-2022 08:28

221228-kc1kcsch5w 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Setup.exe

  • Size

    383KB

  • Sample

    221228-kc1kcsch5w

  • MD5

    a3b1a98e160bfa4291bcb69fb03cd795

  • SHA1

    1bd82cbe38b05bfffa994e7b452d39020fccd0d1

  • SHA256

    4ea3a99ae3bc0bbc4eeee90fd025c9b6a89de10a04d865928eb0f1109bdc5f92

  • SHA512

    d34b18a7d34d658e4e542f13c274e904a2d73a6e80e1861e52b9b91ba2451c49959a5a6c47a613ff8a6d25add20b67204de138e696099a8a96c2d09dfff59f56

  • SSDEEP

    6144:8Orem9aAKWpCwq2CcVAYsmD4sTuYGWw8F1nzbovounSQpPiv6hcWf9n3NM:8MFdCw9SU4sTcktIgQ5e4cm9

Score
10/10
vidar1375spywarestealer

Malware Config

Extracted

Family

vidar

Version

56.4

Botnet

1375

C2

https://t.me/iseepass

https://steamcommunity.com/profiles/76561199459255837
Attributes
  • profile_id

    1375

Targets

    • Target

      Setup.exe

    • Size

      383KB

    • MD5

      a3b1a98e160bfa4291bcb69fb03cd795

    • SHA1

      1bd82cbe38b05bfffa994e7b452d39020fccd0d1

    • SHA256

      4ea3a99ae3bc0bbc4eeee90fd025c9b6a89de10a04d865928eb0f1109bdc5f92

    • SHA512

      d34b18a7d34d658e4e542f13c274e904a2d73a6e80e1861e52b9b91ba2451c49959a5a6c47a613ff8a6d25add20b67204de138e696099a8a96c2d09dfff59f56

    • SSDEEP

      6144:8Orem9aAKWpCwq2CcVAYsmD4sTuYGWw8F1nzbovounSQpPiv6hcWf9n3NM:8MFdCw9SU4sTcktIgQ5e4cm9

    Score
    10/10
    vidar1375stealerspyware

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Loads dropped DLL

    • Accesses 2FA software files, possible credential harvesting

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks