Resubmissions

03/02/2023, 14:23   230203-rqfknsbc3v   1

03/02/2023, 13:59   230203-rae9zaff25   10

General

  • Target

    https://www.mediafire.com/file/oa94zf87j2213b1/Valorant.rar/file

  • Sample

    230203-rae9zaff25

Malware Config

Extracted

Family: vidar

Version: 2.3

Botnet: 408

C2

  • https://t.me/mantarlars

  • https://steamcommunity.com/profiles/76561199474840123

Attributes

  • profile_id: 408

Targets

    • Target

      https://www.mediafire.com/file/oa94zf87j2213b1/Valorant.rar/file

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Executes dropped EXE

    • Loads dropped DLL

    • Accesses 2FA software files, possible credential harvesting

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext
