Overview

overview

10

Static

static

sotema_3.txt.exe

windows7-x64

10

sotema_3.txt.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    sotema_3.txt.exe

  • Size

    687KB

  • Sample

    230122-28j1xsab47

  • MD5

    74369e15aa4278df3fb48af38ff0f6c7

  • SHA1

    bdd32c7da01a1d153481e151118cfd3e7f26fe04

  • SHA256

    8b5a4e40ae69a6a40919083275f37fc759ab609f0aa9d2269135c34a3fe3f053

  • SHA512

    1485b07182734464038e25949c4cde7da3d96e037f05efda0e68b4f5b595762713dc6cf11e9868969963f44867116225419d2db2c2993f7f1febc7fca6ddb6b8

  • SSDEEP

    12288:33pNnMRrdyclGQimr1DfUYZh6SIm79ybWpncLshlN+tQazCbRwIg1CmkT9:7nMNdy01w8hDEWpcLshlCzKiIgU9

Score
10/10
vidar706stealer

Malware Config

Extracted

Family

vidar

Version

39.4

Botnet

706

C2

https://sergeevih43.tumblr.com/

Attributes
  • profile_id

    706

Targets

    • Target

      sotema_3.txt.exe

    • Size

      687KB

    • MD5

      74369e15aa4278df3fb48af38ff0f6c7

    • SHA1

      bdd32c7da01a1d153481e151118cfd3e7f26fe04

    • SHA256

      8b5a4e40ae69a6a40919083275f37fc759ab609f0aa9d2269135c34a3fe3f053

    • SHA512

      1485b07182734464038e25949c4cde7da3d96e037f05efda0e68b4f5b595762713dc6cf11e9868969963f44867116225419d2db2c2993f7f1febc7fca6ddb6b8

    • SSDEEP

      12288:33pNnMRrdyclGQimr1DfUYZh6SIm79ybWpncLshlN+tQazCbRwIg1CmkT9:7nMNdy01w8hDEWpcLshlCzKiIgU9

    Score
    10/10
    vidar706stealer
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks