General

  • Target

    be2346fa2bef1b558f011862043e37bf5cef8b2290202a64a450a08750820462.zip

  • Size

    223KB

  • Sample

    240402-qgpljsbc44

  • MD5

    9a6326c32a4efa954c0095a7c1e75218

  • SHA1

    0493a78d7ae926bd829788f5d8cea249b76934f6

  • SHA256

    25df96f298c29043baf3c5471370e9051a533aca1e97013865e3852b10958b93

  • SHA512

    2ebad35c92dee80c8bdd346eb62607f0b1184b381ffd186337408fa9f13d39471b31e23dd657bbf91b75db93ed0aea8b600ee6b156ad89bf72e2a76d1c590f40

  • SSDEEP

    3072:2oxwtJCinXw9MBmhXvx3q2x+SbpRZkjGuNCEQMT/BykQ194YJrmyCE1/tzdgxa59:1wtJCiXsMBmZ5hwN5fT/ByfinEeIF9

Score
10/10

Malware Config

Extracted

Family

vidar

C2

https://steamcommunity.com/profiles/76561199658817715

https://t.me/sa9ok

Attributes
  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36

Targets

    • Target

      be2346fa2bef1b558f011862043e37bf5cef8b2290202a64a450a08750820462.exe

    • Size

      234KB

    • MD5

      7c665575a095a3d95e8fd3db9f68dbda

    • SHA1

      9702fa88095963c1d336cd48bca362a2b33a530e

    • SHA256

      be2346fa2bef1b558f011862043e37bf5cef8b2290202a64a450a08750820462

    • SHA512

      2d300feb63df4a08d5ff5e235cc2f6e2f293e3a19a012ee75a933e6992c09e6fb2964fcf5f7fd3443c7fff7a66291bfa4bb1acbc0d9bb9fdd1e36c266a59736f

    • SSDEEP

      6144:TaYIfJebpHDjRu5Wh//MdHavp1RyPaBWuWR0PIDqmvYWx:3I+5EEwCpePae68Ws

    Score
    10/10
    • Detect Vidar Stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks