vidar | 29f281cac20928673a516da70a1495cf217aea2dc386d7719de2df7c2053fb9d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

90761d7a9a...42.exe

windows7-x64

90761d7a9a...42.exe

windows10-2004-x64

Sharing

General

Target

90761d7a9ac41a9602b7094663921f42.exe
Size

5.0MB
Sample

240112-qpg7fahee8
MD5

90761d7a9ac41a9602b7094663921f42
SHA1

eb2357f00f922719f261a97ca1f4350a7c3d168a
SHA256

29f281cac20928673a516da70a1495cf217aea2dc386d7719de2df7c2053fb9d
SHA512

2e5981e6a38b2b2b4f036f3056c818834160018d97a9393f7d461890fe51f0030ac2c3322c2421abc707e20ee01392bbf3058d9bba77e95ab7facfbed55cdda0
SSDEEP

49152:bWgm+tevgmkSG2srQHYNGFF0v9AUKoXjuqqn0F2TmoGwHP2px3V:bWgmsevgm+QQFvDXFqXRDOrV

Score

10^/10

vidar zgrat rat stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

90761d7a9ac41a9602b7094663921f42.exe

Resource

win7-20231215-en

vidar zgrat rat stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

90761d7a9ac41a9602b7094663921f42.exe

Resource

win10v2004-20231215-en

vidar zgrat rat stealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  90761d7a9ac41a9602b7094663921f42.exe
- Size
  
  5.0MB
- MD5
  
  90761d7a9ac41a9602b7094663921f42
- SHA1
  
  eb2357f00f922719f261a97ca1f4350a7c3d168a
- SHA256
  
  29f281cac20928673a516da70a1495cf217aea2dc386d7719de2df7c2053fb9d
- SHA512
  
  2e5981e6a38b2b2b4f036f3056c818834160018d97a9393f7d461890fe51f0030ac2c3322c2421abc707e20ee01392bbf3058d9bba77e95ab7facfbed55cdda0
- SSDEEP
  
  49152:bWgm+tevgmkSG2srQHYNGFF0v9AUKoXjuqqn0F2TmoGwHP2px3V:bWgmsevgm+QQFvDXFqXRDOrV
Score

10^/10

vidar zgrat rat stealer
- Detect Vidar Stealer
  stealer
- Detect ZGRat V1
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidarzgratratstealer

behavioral2

vidarzgratratstealer

© 2018-2025

Terms | Privacy