General

  • Target: 3c40413f9340d25dc7f2c4358583706b1eb19962cb74669bf8276597e871faf5.zip
  • Size: 223KB
  • Sample: 240402-qxasbsbg71
  • MD5: 745b40d50e07141030483287311ef2cc
  • SHA1: 6e964ac15530232ad5d73c63608faf95b25b31f8
  • SHA256: ea239454d561ec8cc48933c2fccdf13fa87833b6b59e4706fb59a0f276daf028
  • SHA512: b59180e3225b9360bf8ab55d59afb63a495ee6d9d2dd304cc022a6973df5b2a2be00cca99c3931f4016fcfa12a0dd0de09de73d0ada7771ec753e90c73123852
  • SSDEEP: 6144:mu2mEBa5O3ek/8ymeS7cRlsE6nsplsnOpXsC/6f4zN0J:mu6a5i2sGE6nsbsOp8C/2nJ

Score: 10/10

Malware Config

Extracted

Family

vidar

C2

https://steamcommunity.com/profiles/76561199658817715

https://t.me/sa9ok

Attributes
  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36

Targets

    • Target: 3c40413f9340d25dc7f2c4358583706b1eb19962cb74669bf8276597e871faf5.exe
    • Size: 234KB
    • MD5: 47573a5a6be2c7209517807e507f4e9c
    • SHA1: b0d0d999c9855c95f6c4e739b8d873ff4b6b940c
    • SHA256: 3c40413f9340d25dc7f2c4358583706b1eb19962cb74669bf8276597e871faf5
    • SHA512: 9bea8f64b374fcfd9dc343379b220bc71aa83090f5798eab229c511bd5ecb52c88c56d38b0f860ed410dc59bb19477216c99c961a87e291be262333fd8c3c99b
    • SSDEEP: 6144:5qLFfq23vFmPFvyYrNFOqTOTWZ/gFOnWyqSwgcnRtabUAl:EN/EPFvPr3OI/gFT/SBJbUk

    Score: 10/10

    • Detect Vidar Stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks