Overview

overview

10

Static

static

3

build.exe

windows7-x64

10

build.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    build.exe

  • Size

    274KB

  • Sample

    230630-pmqv5abb94

  • MD5

    39e947318bd7c04280e9266f4b6c0a35

  • SHA1

    1568c064c8aa24f17549fbbff895fc7eae574dcd

  • SHA256

    ce3c6cc7e3d80c26246bb01b910992d8c77b1c3f30ec28b79346f15224a3c746

  • SHA512

    05361abdf59148b763bb5705587a01d8309a5db3b6a8006b70793459af8e48db8c801d41917af9d96e2b74f154a58822d24c4f7585a84f2c5ec43d2f39fb1db2

  • SSDEEP

    6144:/nEyS75sX+u7KlvKBPCJhKoRRfE87Ea6M:/Q2+umgEhdjfRM

Score
10/10
vidar1827stealer

Malware Config

Extracted

Family

vidar

Version

55.7

Botnet

1827

C2

https://t.me/deadftx

https://www.ultimate-guitar.com/u/smbfupkuhrgc1

http://116.202.2.1:80
Attributes
  • profile_id

    1827

Targets

    • Target

      build.exe

    • Size

      274KB

    • MD5

      39e947318bd7c04280e9266f4b6c0a35

    • SHA1

      1568c064c8aa24f17549fbbff895fc7eae574dcd

    • SHA256

      ce3c6cc7e3d80c26246bb01b910992d8c77b1c3f30ec28b79346f15224a3c746

    • SHA512

      05361abdf59148b763bb5705587a01d8309a5db3b6a8006b70793459af8e48db8c801d41917af9d96e2b74f154a58822d24c4f7585a84f2c5ec43d2f39fb1db2

    • SSDEEP

      6144:/nEyS75sX+u7KlvKBPCJhKoRRfE87Ea6M:/Q2+umgEhdjfRM

    Score
    10/10
    vidar1827stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks