General

  • Target

    59d959aea023ad0840ab3694261ba36c4590f65f07ad5e500e791c64a3455142.zip

  • Size

    223KB

  • Sample

    240402-qgndgsbc37

  • MD5

    a2519be073139a5c91c789feae1faafc

  • SHA1

    298fd388b2f183aeca965035809394546525f8cd

  • SHA256

    10fa9bec5a8f28768c36a28b7c3eb7b69e3d25c4ee6985fe50c3fa874d9f50d6

  • SHA512

    662ee66b7e83a1704f463b363a45bf5451d8f3d9f889f12ae190b084f7e696906f370358e79b971f68a44634caea472bd1b5d9e715ad1780599492fff45bdf6d

  • SSDEEP

    6144:ynsikMLulJPsBmWc2lmgWioXcGZsweSuhLgZ:yn6MIJEBmMuiARZDsg

Score
10/10

Malware Config

Extracted

Family

vidar

C2

https://steamcommunity.com/profiles/76561199658817715

https://t.me/sa9ok

Attributes

  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36

Targets

    • Target

      59d959aea023ad0840ab3694261ba36c4590f65f07ad5e500e791c64a3455142.exe

    • Size

      234KB

    • MD5

      a17efa3f07ace71dea8c084c1a502f36

    • SHA1

      08c0d817dfef6c1ce36dc1c20390f5c8f7ebee07

    • SHA256

      59d959aea023ad0840ab3694261ba36c4590f65f07ad5e500e791c64a3455142

    • SHA512

      9e2e6d458fbb66af052635fde8a017cdb0a9bce5d839cb8b8deae79a63544ee3b2a5c87bb352c9a5c2079c63a9e450e712345629244c30e28d3d3625518c2681

    • SSDEEP

      6144:a+DGkIHUIHBZpFVa1QEiJGoWsEWVLNjTqN:xNtqZp+9iJG23NjeN

    Score
    10/10
    • Detect Vidar Stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Suspicious use of SetThreadContext
