General

  • Target

    6850b7d056a9bffa791dd47dc0f8251fc5cc72fd0d90eb7b3ffe5bbaf5cf9321.exe

  • Size

    1.1MB

  • Sample

    230206-nz5pdadg36

  • MD5

    749d19c5b63ba2f68382316133b3bce9

  • SHA1

    5b6073743e6dc49516452c6acd0a2a529fc865eb

  • SHA256

    6850b7d056a9bffa791dd47dc0f8251fc5cc72fd0d90eb7b3ffe5bbaf5cf9321

  • SHA512

    155ae150d41ecdb97d99b66b9e1c9baed920095008c5ef23617edf2ba2b59b8663c449733f5166bb16c6b6be6fee20cce46971ad8eec8c3b5c3523b46e18e82e

  • SSDEEP

    12288:+SqfVrWp0vjTTBS/ZchhSIFShxk+MkblmQGEOUIiC1LX9A9iJ8e3AhmL9N7Q9Bgm:zpuXBgZchhcRbvOUItL9NueIeuLP3

  • Score

    10/10

Malware Config

Extracted

  • Family

    vidar

  • Version

    2.2

  • Botnet

    15

  • C2

    https://t.me/litlebey

    https://steamcommunity.com/profiles/76561199472399815

Attributes
  • profile_id

    15

Targets

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks