Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    fe560f627ab8d64ef656bc47ae9584ee991ae89159e1e997b23ea1bb0f299347.bin

  • Size

    445KB

  • Sample

    230501-ybfepafh54

  • MD5

    cb1b352fe1148a621e8b4de76188ca12

  • SHA1

    cb7dc4eeecfbf5cc19ffa41bf43b431b079dbec4

  • SHA256

    fe560f627ab8d64ef656bc47ae9584ee991ae89159e1e997b23ea1bb0f299347

  • SHA512

    27fa705c475e3203457496853494def98a3b91d3cabb454f1c5eac77f13f9a61c9a2e58a5321b76a60f3a6fb3f9b5d3674b0d34041c906d27cc6152807b8c5b6

  • SSDEEP

    12288:a96Zhkc1xpkgZXcP/bzhy+DYBDqh6mENW:a0ZhkQbFZMHbzHDY7W

Malware Config

Extracted

Family

vidar

Version

3.5

Botnet

2234cb18bdcd93ea6f4e5f1473025a81

C2

https://steamcommunity.com/profiles/76561199497218285

https://t.me/tg_duckworld

Attributes
  • profile_id_v2

    2234cb18bdcd93ea6f4e5f1473025a81

  • user_agent

    Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Vivaldi/3.7

Targets

    • Target

      fe560f627ab8d64ef656bc47ae9584ee991ae89159e1e997b23ea1bb0f299347.bin

    • Size

      445KB

    • MD5

      cb1b352fe1148a621e8b4de76188ca12

    • SHA1

      cb7dc4eeecfbf5cc19ffa41bf43b431b079dbec4

    • SHA256

      fe560f627ab8d64ef656bc47ae9584ee991ae89159e1e997b23ea1bb0f299347

    • SHA512

      27fa705c475e3203457496853494def98a3b91d3cabb454f1c5eac77f13f9a61c9a2e58a5321b76a60f3a6fb3f9b5d3674b0d34041c906d27cc6152807b8c5b6

    • SSDEEP

      12288:a96Zhkc1xpkgZXcP/bzhy+DYBDqh6mENW:a0ZhkQbFZMHbzHDY7W

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

MITRE ATT&CK Matrix

Tasks