General

  • Target: Setup_Pswrd_1234.rar
  • Size: 19.2MB
  • Sample: 240203-pm674sbdbp
  • MD5: 8ba6adc9a6b77d64b3b6490bc034dccb
  • SHA1: 4e9e7e54e5d570b70281bad3a73c755bf170be1c
  • SHA256: 4d5a8d86deeb1803b1b8e84c5757bd640b22eb8ef9e4e49f85728d1b60741bcc
  • SHA512: 03741fa316e6e4001acbad36f2dd1d28bdb63df0fe240d0c7172524f345c045a78f304294c867684d36ee2a44756f20f1ba1b50e32b9dcb051238166a24c4750
  • SSDEEP: 393216:9AZpW0zcypAaxs7buyaK0UQVJkm3TUJ4YVnxQxqlfdO5qQuRbGeCBM4yB:EBpAUsGyZ0UQzkm3TUJ4SbZHQk1v

Malware Config

Extracted

  • Family: vidar
  • Version: 7.6
  • Botnet: 8de874fe964a942b8bd50b84d393b6f8
  • C2:
    https://t.me/tvrugrats
    https://steamcommunity.com/profiles/76561199627279110
  • Attributes:
    profile_id_v2: 8de874fe964a942b8bd50b84d393b6f8

Targets

    • Detect Vidar Stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

MITRE ATT&CK Enterprise v15