General

  • Target: 3c40413f9340d25dc7f2c4358583706b1eb19962cb74669bf8276597e871faf5.zip
  • Size: 223KB
  • Sample: 240402-msmdsafe7t
  • MD5: 115175b5a3d66c21b8dac816f7afda0c
  • SHA1: dab19d7296667ee32f4ba33edf4641ecb9c5dea2
  • SHA256: 21d0c8bd4259092f58fbce63156b278fb093108a37a563fa6f6694dc2848702e
  • SHA512: 183463318369a68e696acdb090e52ba0d18bdea837932371e46aef57a57c169c7fb7fb6d2ad6618c4b6d82cc14fa7f7453baaed2f371ed04c7ba24e1fa198804
  • SSDEEP: 6144:FmMEBHEhNK9PsvYdSgUa1hb4jMw2irtc9IBfmHS:FmHBkhU9P8K+MmrtcafF

Score: 10/10

Malware Config

Extracted

  • Family: vidar
  • C2:
    https://steamcommunity.com/profiles/76561199658817715
    https://t.me/sa9ok
  • Attributes
    • user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36

Targets

    • Target: 3c40413f9340d25dc7f2c4358583706b1eb19962cb74669bf8276597e871faf5.exe
    • Size: 234KB
    • MD5: 47573a5a6be2c7209517807e507f4e9c
    • SHA1: b0d0d999c9855c95f6c4e739b8d873ff4b6b940c
    • SHA256: 3c40413f9340d25dc7f2c4358583706b1eb19962cb74669bf8276597e871faf5
    • SHA512: 9bea8f64b374fcfd9dc343379b220bc71aa83090f5798eab229c511bd5ecb52c88c56d38b0f860ed410dc59bb19477216c99c961a87e291be262333fd8c3c99b
    • SSDEEP: 6144:5qLFfq23vFmPFvyYrNFOqTOTWZ/gFOnWyqSwgcnRtabUAl:EN/EPFvPr3OI/gFT/SBJbUk

    Score: 10/10

    • Detect Vidar Stealer
    • Vidar
      Vidar is an infostealer based on Arkei stealer.
    • Suspicious use of SetThreadContext
