Overview

overview

10

Static

static

3

995d6d0616...61.exe

windows7-x64

10

995d6d0616...61.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    995d6d0616a01ce21c29cf8a59a8ee61

  • Size

    657KB

  • Sample

    240213-n4ry3shb4v

  • MD5

    995d6d0616a01ce21c29cf8a59a8ee61

  • SHA1

    7645d0bd4c82bce058951e77cb5112e3b12c19db

  • SHA256

    7e6b7466a36513adab05461f704358a300532fe22566390db2b11e2e002ea76e

  • SHA512

    18e6c8e435b7ff2e4a41e9c8118761e1582f0ab6efb2225d8c1bcce78cec95a4f1f0ae7b5ccaeb35047fa8f72d2910112cba0f49f7760d106fc89bad51b8c55a

  • SSDEEP

    12288:mAb0H9AMChkaRmGI6MbQ9fWZd/V/H2y/npv+u1dvb5VOYEurciDRz9V:SdAMChbRmlhZpVL/n1tVOFO

Score
10/10
vidar916stealer

Malware Config

Extracted

Family

vidar

Version

40

Botnet

916

C2

https://lenak513.tumblr.com/

Attributes
  • profile_id

    916

Targets

    • Target

      995d6d0616a01ce21c29cf8a59a8ee61

    • Size

      657KB

    • MD5

      995d6d0616a01ce21c29cf8a59a8ee61

    • SHA1

      7645d0bd4c82bce058951e77cb5112e3b12c19db

    • SHA256

      7e6b7466a36513adab05461f704358a300532fe22566390db2b11e2e002ea76e

    • SHA512

      18e6c8e435b7ff2e4a41e9c8118761e1582f0ab6efb2225d8c1bcce78cec95a4f1f0ae7b5ccaeb35047fa8f72d2910112cba0f49f7760d106fc89bad51b8c55a

    • SSDEEP

      12288:mAb0H9AMChkaRmGI6MbQ9fWZd/V/H2y/npv+u1dvb5VOYEurciDRz9V:SdAMChbRmlhZpVL/n1tVOFO

    Score
    10/10
    vidar916stealer
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks