Overview

overview

10

Static

static

10

2444-8-0x0...ry.exe

windows7-x64

10

2444-8-0x0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2444-8-0x0000000000400000-0x0000000000639000-memory.dmp

  • Size

    2.2MB

  • Sample

    231201-mns1rshb39

  • MD5

    6e5946a487d603e25e3d068df3edc7a4

  • SHA1

    55e329d49559e14dab085500b44f51ebc46a7171

  • SHA256

    cd168639339535936bdc768c1ba3e7898b4672966c2a32e884484e714436d868

  • SHA512

    a9a9b0511981365d9ef5f299078624ac56a11dcb4515f1105ce3afecd78d657abc06915328429d5af2d6fd10ba9cac2fce0801f96a02aa81436af9a8f04090ea

  • SSDEEP

    3072:5/YMnHCTLTTZM/G5UtIa4aOl5RZpY67Lzpc:5wMYLTtMO56I2OTh

Score
10/10
vidarff0f5173b378c3dde7c3c6e3ae14c3a6stealer

Malware Config

Extracted

Family

vidar

Version

6.5

Botnet

ff0f5173b378c3dde7c3c6e3ae14c3a6

C2

https://t.me/starcofeeth

https://steamcommunity.com/profiles/76561199571056594
Attributes
  • profile_id_v2

    ff0f5173b378c3dde7c3c6e3ae14c3a6

  • user_agent

    Mozilla/5.0 (X11; CrOS x86_64 15329.59.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36

Targets

    • Target

      2444-8-0x0000000000400000-0x0000000000639000-memory.dmp

    • Size

      2.2MB

    • MD5

      6e5946a487d603e25e3d068df3edc7a4

    • SHA1

      55e329d49559e14dab085500b44f51ebc46a7171

    • SHA256

      cd168639339535936bdc768c1ba3e7898b4672966c2a32e884484e714436d868

    • SHA512

      a9a9b0511981365d9ef5f299078624ac56a11dcb4515f1105ce3afecd78d657abc06915328429d5af2d6fd10ba9cac2fce0801f96a02aa81436af9a8f04090ea

    • SSDEEP

      3072:5/YMnHCTLTTZM/G5UtIa4aOl5RZpY67Lzpc:5wMYLTtMO56I2OTh

    Score
    10/10
    vidarstealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks