General
-
Target
Valorant.rar
-
Size
6.8MB
-
Sample
230206-rkkx7sec53
-
MD5
de9d130333661ef3bd851ed49ddf81ef
-
SHA1
6d8ea21031651eb4c68a86525e82f37ba922f628
-
SHA256
555a064f467f87a943e13487be925c431ad97da03a3798efba2efdf2db0499d8
-
SHA512
3012e70dedf7220de54eba86439cb783422ee627c3c2a3a35e3bcd27f200989cacb273634ac8b1e7b4c948bdeea500e7198611646d1e9265817e5a8f6a3ffddd
-
SSDEEP
98304:I0/FsCYIUKUy/74/Uu6qAPyI+aaPsoCDQrYlvRi8BLQ5OnoSKBHZnSxA+X9QvB5w:xtsCYIUJyTvQZPsoCDQUvWUoSc8xX9Ow
Malware Config
Extracted
vidar
2.3
408
https://t.me/mantarlars
https://steamcommunity.com/profiles/76561199474840123
-
profile_id
408
Targets
-
-
Target
Valorant.exe
-
Size
761.7MB
-
MD5
c049b093e28378075db89246e7d7d717
-
SHA1
5f76a8b7e9cbda970c38518b47c54084bfdf62f7
-
SHA256
9cf71d9691c409e2a531089e851abbbae0951ea3ac57ed164d3c5f0f88632283
-
SHA512
3313c7b425af6f8be6948c7b97d32556a301d1fa8798b8b395c47039c0426ccd0db57adb2eb3c638c905449607176c2ef00d063a505c4e0ee20cbfdbeda4ece8
-
SSDEEP
12288:hFu1aDQ8JEh08WiFV2KG0VJ8Ww8OnI/TB:dDQ1h2iFp5mnIbB
Score10/10-
Vidar
Vidar is an infostealer based on Arkei stealer.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Accesses 2FA software files, possible credential harvesting
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-
-
-
Target
bin.dll
-
Size
7KB
-
MD5
d3b681d68824ea81f52c7d6b4a179da0
-
SHA1
e944d64e8fb400d10f65dc0f1fc6c3ec01fbb16f
-
SHA256
0985cefa256ac47b7298fb2f555c2087915b9682441487cd8171d5fe2c76c5db
-
SHA512
78e6a4757e2cd851748fa7add9e1e9091b17979612c6a7c0989afcecde3076d5d9cf87d695baf7a86a205a338c83bc07013e0a8bf1673eb0a3b69493b8807011
-
SSDEEP
6:qMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6:n
Score1/10 -
-
-
Target
file.dll
-
Size
7KB
-
MD5
d3b681d68824ea81f52c7d6b4a179da0
-
SHA1
e944d64e8fb400d10f65dc0f1fc6c3ec01fbb16f
-
SHA256
0985cefa256ac47b7298fb2f555c2087915b9682441487cd8171d5fe2c76c5db
-
SHA512
78e6a4757e2cd851748fa7add9e1e9091b17979612c6a7c0989afcecde3076d5d9cf87d695baf7a86a205a338c83bc07013e0a8bf1673eb0a3b69493b8807011
-
SSDEEP
6:qMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6:n
Score1/10 -