Overview

overview

10

Static

static

3

61e6a9acb2...54.exe

windows7-x64

10

61e6a9acb2...54.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    61e6a9acb2def09f3bc470513cc85c54

  • Size

    694KB

  • Sample

    240117-gm8f6shfhl

  • MD5

    61e6a9acb2def09f3bc470513cc85c54

  • SHA1

    584b7301dd147a4cbcaf195bec1363287448baa3

  • SHA256

    ecd74dd762ced97d83cc351b41f1545b85778d553ceb466f6c8533d6c54e30ae

  • SHA512

    897d07978b11d2d46cd57828f07d329bd23829e96a878a50d472a5476dd5556e04a4375b9fd7f67f8f7719ab37fa6837ca3850f7641bbc55874fe36e92262f25

  • SSDEEP

    12288:axGt1KIgj5TJuWaRGu7a81KE64i5uY4Cgbo73O1kV1nO1GVS9Td01LqBw/yxyR:tKIgKRGuO8gTGYwoS1kVg9q95yxyR

Score
10/10
vidar937stealer

Malware Config

Extracted

Family

vidar

Version

40.1

Botnet

937

C2

https://eduarroma.tumblr.com/

Attributes
  • profile_id

    937

Targets

    • Target

      61e6a9acb2def09f3bc470513cc85c54

    • Size

      694KB

    • MD5

      61e6a9acb2def09f3bc470513cc85c54

    • SHA1

      584b7301dd147a4cbcaf195bec1363287448baa3

    • SHA256

      ecd74dd762ced97d83cc351b41f1545b85778d553ceb466f6c8533d6c54e30ae

    • SHA512

      897d07978b11d2d46cd57828f07d329bd23829e96a878a50d472a5476dd5556e04a4375b9fd7f67f8f7719ab37fa6837ca3850f7641bbc55874fe36e92262f25

    • SSDEEP

      12288:axGt1KIgj5TJuWaRGu7a81KE64i5uY4Cgbo73O1kV1nO1GVS9Td01LqBw/yxyR:tKIgKRGuO8gTGYwoS1kVg9q95yxyR

    Score
    10/10
    vidar937stealer
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks