General

  • Target

    59d959aea023ad0840ab3694261ba36c4590f65f07ad5e500e791c64a3455142.zip

  • Size

    223KB

  • Sample

    240402-qxasbsca34

  • MD5

    e0447f9e8fa08ff5941272a5e7ec23bc

  • SHA1

    5e002eb3690f284ddc326fc6539d7bc2a5d362e0

  • SHA256

    cc3f65b44c3feba29d14f255859c19b6cf6e3bbe90b1d7dab89848b19f4f50ca

  • SHA512

    4a9c010d8444f454f6c4a58a3819d4e340dac2599280e5cb525d74fb5266f3e9b3434dd53f48e382e94062ec165d35ab55b61e60e204d196f2467e0084ce6963

  • SSDEEP

    3072:3NFsVBHID2C30KOJIi0dcAtRg93x9d/sE3eI35XyLT4L3DroJrWqTv5KmuVme:dEx/C30rIAAPg93x9JCAcXrWqTsl

Score
10/10

Malware Config

Extracted

Family

vidar

C2

https://steamcommunity.com/profiles/76561199658817715

https://t.me/sa9ok

Attributes
  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36

Targets

    • Target

      59d959aea023ad0840ab3694261ba36c4590f65f07ad5e500e791c64a3455142.exe

    • Size

      234KB

    • MD5

      a17efa3f07ace71dea8c084c1a502f36

    • SHA1

      08c0d817dfef6c1ce36dc1c20390f5c8f7ebee07

    • SHA256

      59d959aea023ad0840ab3694261ba36c4590f65f07ad5e500e791c64a3455142

    • SHA512

      9e2e6d458fbb66af052635fde8a017cdb0a9bce5d839cb8b8deae79a63544ee3b2a5c87bb352c9a5c2079c63a9e450e712345629244c30e28d3d3625518c2681

    • SSDEEP

      6144:a+DGkIHUIHBZpFVa1QEiJGoWsEWVLNjTqN:xNtqZp+9iJG23NjeN

    Score
    10/10

    • Detect Vidar Stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks