Overview

overview

10

Static

static

10

b65affaee5...f1.exe

windows7-x64

1

b65affaee5...f1.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b65affaee59395728a1448e548003ef5dda62b80baa4b115a433a72cb16a1ff1

  • Size

    384KB

  • Sample

    230105-vssvkacf58

  • MD5

    fe3e76a8aa4b0279088f57e7fcd71121

  • SHA1

    ea31fc235c4bad2f043f945451fd96453bfa8785

  • SHA256

    b65affaee59395728a1448e548003ef5dda62b80baa4b115a433a72cb16a1ff1

  • SHA512

    38c885a25b27916d8ce1b4a86746bb2d110985d6bb4dce0fd1e7ac8d368ba6c4acd205b6b031644e79e0fddae97340d14eda18d958e55e79486e7a06f65d576a

  • SSDEEP

    6144:W7pOFlpDofcQdKU8CvGJlcWwoKHL4YZUoWt:WUpMKbgWw5HcY

Score
10/10
vidar813discoveryspywarestealer

Malware Config

Extracted

Family

vidar

Version

1.8

Botnet

813

C2

https://t.me/year2023start

https://steamcommunity.com/profiles/76561199467421923
Attributes
  • profile_id

    813

Targets

    • Target

      b65affaee59395728a1448e548003ef5dda62b80baa4b115a433a72cb16a1ff1

    • Size

      384KB

    • MD5

      fe3e76a8aa4b0279088f57e7fcd71121

    • SHA1

      ea31fc235c4bad2f043f945451fd96453bfa8785

    • SHA256

      b65affaee59395728a1448e548003ef5dda62b80baa4b115a433a72cb16a1ff1

    • SHA512

      38c885a25b27916d8ce1b4a86746bb2d110985d6bb4dce0fd1e7ac8d368ba6c4acd205b6b031644e79e0fddae97340d14eda18d958e55e79486e7a06f65d576a

    • SSDEEP

      6144:W7pOFlpDofcQdKU8CvGJlcWwoKHL4YZUoWt:WUpMKbgWw5HcY

    Score
    7/10
    discoveryspywarestealer

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses 2FA software files, possible credential harvesting

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

3
T1081

Discovery

Query Registry

2
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Data from Local System

3
T1005

Exfiltration

Command and Control

Impact

Tasks