General

  • Target

    3c40413f9340d25dc7f2c4358583706b1eb19962cb74669bf8276597e871faf5.zip

  • Size

    223KB

  • Sample

    240402-qgm3qabc34

  • MD5

    1a19eaaa77e879afb75b83843377adc4

  • SHA1

    83cafbdb8341a5fd51e9b15f0d6026ca7bffa55b

  • SHA256

    167182a12a136bb290b8bbea0a4455ba55e2b3a7c05773c2401a92000fd1e9c5

  • SHA512

    cb6911c8effbcfe0b097fa723bdcebb7fb2f080c9d4e4332f55b051209e10c3b6afa9c8886bcc95cd8aaab7853fc828b5376c0646761397ef8925186ff9d30b9

  • SSDEEP

    6144:s9beMZ8p8LcDlla2LopcvUdpS1MojyqD50IQYwkU4y2:s9beMZ5QhopcvWpSmo75tbwv2

Score
10/10

Malware Config

Extracted

Family

vidar

C2

https://steamcommunity.com/profiles/76561199658817715

https://t.me/sa9ok

Attributes

  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36

Targets

    • Target

      3c40413f9340d25dc7f2c4358583706b1eb19962cb74669bf8276597e871faf5.exe

    • Size

      234KB

    • MD5

      47573a5a6be2c7209517807e507f4e9c

    • SHA1

      b0d0d999c9855c95f6c4e739b8d873ff4b6b940c

    • SHA256

      3c40413f9340d25dc7f2c4358583706b1eb19962cb74669bf8276597e871faf5

    • SHA512

      9bea8f64b374fcfd9dc343379b220bc71aa83090f5798eab229c511bd5ecb52c88c56d38b0f860ed410dc59bb19477216c99c961a87e291be262333fd8c3c99b

    • SSDEEP

      6144:5qLFfq23vFmPFvyYrNFOqTOTWZ/gFOnWyqSwgcnRtabUAl:EN/EPFvPr3OI/gFT/SBJbUk

    Score
    10/10

    • Detect Vidar Stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Suspicious use of SetThreadContext
