Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d6a373eb8f771884afc984fba23ff81b034146282f9285e5beaf5eb31d886366.exe
-
Size
614KB
-
Sample
230806-ssv9kscb9x
-
MD5
f2e35af2013a8cf04a5ab63348b6958d
-
SHA1
eca2a467462ff167d3511ca0fdd5373228612718
-
SHA256
d6a373eb8f771884afc984fba23ff81b034146282f9285e5beaf5eb31d886366
-
SHA512
5609c88267fbf4452c7dd0b2e7bc97e2e02752b2333993ea0e9f91425fd9315b626ada9a392210224ed2fe7da1fdf57e7a74837b38a31ef5b57e18af791a5ad7
-
SSDEEP
12288:0hqxSLo5C1Ps4XhAjN8GVNoBlR+m651ItSpDvg6q/BCOg:0HLmCiIhoB7oFSzIYtUxg
Malware Config
Extracted
vidar
5
43a6ce95ca0edbaf09babc2b3d43fe58
https://t.me/versozaline
https://steamcommunity.com/profiles/76561199532186526
-
profile_id_v2
43a6ce95ca0edbaf09babc2b3d43fe58
-
user_agent
Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Targets
-
-
Target
d6a373eb8f771884afc984fba23ff81b034146282f9285e5beaf5eb31d886366.exe
-
Size
614KB
-
MD5
f2e35af2013a8cf04a5ab63348b6958d
-
SHA1
eca2a467462ff167d3511ca0fdd5373228612718
-
SHA256
d6a373eb8f771884afc984fba23ff81b034146282f9285e5beaf5eb31d886366
-
SHA512
5609c88267fbf4452c7dd0b2e7bc97e2e02752b2333993ea0e9f91425fd9315b626ada9a392210224ed2fe7da1fdf57e7a74837b38a31ef5b57e18af791a5ad7
-
SSDEEP
12288:0hqxSLo5C1Ps4XhAjN8GVNoBlR+m651ItSpDvg6q/BCOg:0HLmCiIhoB7oFSzIYtUxg
Score10/10-
Vidar
Vidar is an infostealer based on Arkei stealer.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses 2FA software files, possible credential harvesting
-