Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

00000000.exe
Size

2MB
Sample

230125-mgq8lafg23
MD5

55e73a64522bff84dd4c4c509917725f
SHA1

df6923594126ef1e1ea3e86eed66f9b1739090a2
SHA256

f1b313082d836e0ea69b60e10eca6d805cea4595940c9d91ef81e5404d7fa829
SHA512

f57bef0bda189e8821c4e9eecdb225aa1e12cc51bf9bb37864df7a416aedc5ab62bd5a600c17dd906630d4451e1705867d5f7b558d5c9b3373b35a259bc8dd8d
SSDEEP

49152:7q3xLEtL72sK7qzsaMeCUKTPtxJF+1sPUm7hYDtUorcNfNPZYXE:u3+tL72m2TPttWs7vopXE

Score

10^/10

vidar 651 stealer

Malware Config

Extracted

Family

vidar

Version

2

Botnet

651

C2

https://t.me/tgdatapacks

https://steamcommunity.com/profiles/76561199469677637

Attributes

profile_id
651

Targets

- Target
  
  00000000.exe
- Size
  
  2MB
- MD5
  
  55e73a64522bff84dd4c4c509917725f
- SHA1
  
  df6923594126ef1e1ea3e86eed66f9b1739090a2
- SHA256
  
  f1b313082d836e0ea69b60e10eca6d805cea4595940c9d91ef81e5404d7fa829
- SHA512
  
  f57bef0bda189e8821c4e9eecdb225aa1e12cc51bf9bb37864df7a416aedc5ab62bd5a600c17dd906630d4451e1705867d5f7b558d5c9b3373b35a259bc8dd8d
- SSDEEP
  
  49152:7q3xLEtL72sK7qzsaMeCUKTPtxJF+1sPUm7hYDtUorcNfNPZYXE:u3+tL72m2TPttWs7vopXE
Score

10^/10

vidar 651 stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
behavioral1 behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

vidar651stealer

behavioral2

vidar651stealer