Overview

overview

10

Static

static

1

setup.exe

windows7-x64

10

setup.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    140s
  • max time network
    111s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    13-04-2023 00:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    setup.exe

  • Size

    472KB

  • MD5

    76ef680c0ebbc1fe0512aad0b218f2cc

  • SHA1

    7098a0f3f2498d9ed86f9b841f2c254afc333662

  • SHA256

    c1821cde377bf360d0ee0552a1e4ad4f37cbf5a71c6de027e13c2eadea696505

  • SHA512

    c75ba34a9914cbd108b2f230b8f254e09a6768034f53b023c3b831c888278b5710ad55d155c8c034f9696d941b17eb5608729e13a3d9ad0e50d2f00470151cc2

  • SSDEEP

    12288:zQtPPvWwrmHDGAHkWQ6vDpMQWSwlKmBPNICVr:z+PDWSGHCQjzmBPNICV

Score
10/10
vidare749025c61b2caca10aa829a9e1a65a1stealer

Malware Config

Extracted

Family

vidar

Version

3.4

Botnet

e749025c61b2caca10aa829a9e1a65a1

C2

https://steamcommunity.com/profiles/76561199494593681

https://t.me/auftriebs
Attributes
  • profile_id_v2

    e749025c61b2caca10aa829a9e1a65a1

  • user_agent

    Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:105.0) Gecko/20100101 Firefox/105.0

Signatures

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar

Processes

  • C:\Users\Admin\AppData\Local\Temp\setup.exe
    "C:\Users\Admin\AppData\Local\Temp\setup.exe"
    1⤵
      PID:1260

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1260-55-0x00000000009B0000-0x0000000000A07000-memory.dmp

      Filesize

      348KB

      Download

    • memory/1260-56-0x0000000000400000-0x000000000081B000-memory.dmp

      Filesize

      4.1MB

      Download

    • memory/1260-58-0x0000000000400000-0x000000000081B000-memory.dmp

      Filesize

      4.1MB

      Download

    • memory/1260-62-0x0000000000400000-0x000000000081B000-memory.dmp

      Filesize

      4.1MB

      Download

    • memory/1260-63-0x0000000000400000-0x000000000081B000-memory.dmp

      Filesize

      4.1MB

      Download

    • memory/1260-64-0x0000000000400000-0x000000000081B000-memory.dmp

      Filesize

      4.1MB

      Download