General

  • Target

    5bde316bb02a4d1c0e5530093c04f48e6bb862a828f154b5ad2a19c3a032937d.zip

  • Size

    228KB

  • Sample

    240402-qxasbsca35

  • MD5

    42b547c37cb54d8afccf95aa815fda6d

  • SHA1

    4496f9828fddb86957a314818affa764aae89dfc

  • SHA256

    2d586a9b25ee71b05cffe997ef3d8ea53a952fb7a67d71f698e7e587b327830b

  • SHA512

    ba881d1139ae132dfac51bd960e27162361ba58fba7c5e374b9342659411e4b433a2df998e3db7542aa81638275ec5b519d39fa9523a2ae42b0f3bb5c0711ade

  • SSDEEP

    6144:lZbZMk1xVKXinV4Fbkd3TQRUN8LsLa+LijjljyFcxEOlCvTgYU9YzD:lxZMkkXVklTQ28InYoFw0Ue

Score
10/10

Malware Config

Extracted

Family

vidar

C2

https://steamcommunity.com/profiles/76561199658817715

https://t.me/sa9ok

Attributes
  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
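The config block above gives three usable indicators: the two file hashes, the exact C2 URLs, and the user agent the sample sends. Two caveats a practitioner should keep in mind: the C2 values are a public Steam profile and a Telegram page, so only the exact profile/channel path is an indicator, never the `steamcommunity.com` or `t.me` domain; and the user agent is a stock macOS Chrome 122 string that legitimate Macs send all day, so on its own it is noise. The sample is a Windows executable, though (the `.exe` target and the `SetThreadContext` signature), so a Windows host presenting a Macintosh user agent while fetching those paths is a useful secondary signal. The following Python sweep is an added example, not part of the sandbox report or of Vidar: the indicators are copied from this page, while the proxy log format, hostnames, timestamps and the hash-event layout are constructed for illustration.

```python
"""IOC sweep for the Vidar sample in this report (added example, not report code).

Indicators (hashes, C2 URLs, user agent) are copied from the report.  The
proxy-log format, hostnames and events below are constructed for illustration.
"""
import re
from urllib.parse import urlparse

# Indicators from the report: SHA256 of the delivery archive and of the payload.
FILE_HASHES = {
    "2d586a9b25ee71b05cffe997ef3d8ea53a952fb7a67d71f698e7e587b327830b": "delivery archive (.zip)",
    "5bde316bb02a4d1c0e5530093c04f48e6bb862a828f154b5ad2a19c3a032937d": "Vidar payload (.exe)",
}
C2_URLS = [
    "https://steamcommunity.com/profiles/76561199658817715",
    "https://t.me/sa9ok",
]
USER_AGENT = ("Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 "
              "(KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36")


def normalize_url(url: str) -> str:
    """Compare scheme, host and path only: drop query, fragment and trailing slash."""
    p = urlparse(url)
    return f"{p.scheme.lower()}://{p.netloc.lower()}{p.path.rstrip('/')}"


# Match only the exact profile / channel paths, never the whole public domain.
C2_KEYS = {normalize_url(u) for u in C2_URLS}


def classify_request(url: str, user_agent: str, host_os: str) -> list:
    """Return the list of reasons a single request looks like Vidar C2 traffic."""
    reasons = []
    if normalize_url(url) in C2_KEYS:
        reasons.append("c2_url")
    if user_agent == USER_AGENT:
        reasons.append("vidar_ua")          # weak alone: stock macOS Chrome 122 UA
    if host_os == "windows" and "Macintosh" in user_agent:
        reasons.append("ua_os_mismatch")    # Windows host claiming to be a Mac
    return reasons


def verdict(reasons: list) -> str:
    """Collapse reasons into a severity; an exact C2 path dominates everything."""
    if "c2_url" in reasons:
        return "high"
    if "ua_os_mismatch" in reasons:
        return "medium"
    if reasons:
        return "low"
    return "none"


# Constructed proxy log format (hypothetical):
#   <timestamp> <hostname> <host_os> "<method> <url>" <status> "<user_agent>"
LINE_RE = re.compile(
    r'^(?P<ts>\S+) (?P<host>\S+) (?P<os>\S+) "(?P<method>\S+) (?P<url>\S+)" '
    r'(?P<status>\d+) "(?P<ua>[^"]*)"$'
)


def sweep_proxy_log(text: str) -> list:
    """Scan log lines and return one hit dict per request with at least one reason."""
    hits = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than abort the whole sweep
        reasons = classify_request(m["url"], m["ua"], m["os"])
        if reasons:
            hits.append({"ts": m["ts"], "host": m["host"], "url": m["url"],
                         "reasons": reasons, "verdict": verdict(reasons)})
    return hits


def match_hash_event(event: dict) -> str:
    """Look up an EDR-style file event {'host': ..., 'sha256': ...} against the report hashes."""
    return FILE_HASHES.get(event.get("sha256", "").lower(), "")


# Constructed sample log: two Vidar beacons from a Windows host, one benign Mac
# visiting an unrelated Steam profile, and one benign Windows Steam request.
SAMPLE_PROXY_LOG = f"""\
2024-04-02T10:15:01Z WS-0412 windows "GET https://steamcommunity.com/profiles/76561199658817715" 200 "{USER_AGENT}"
2024-04-02T10:15:02Z WS-0412 windows "GET https://t.me/sa9ok" 200 "{USER_AGENT}"
2024-04-02T10:16:40Z MAC-0098 macos "GET https://steamcommunity.com/profiles/76561190000000000" 200 "{USER_AGENT}"
2024-04-02T10:17:05Z WS-0077 windows "GET https://steamcommunity.com/app/730" 200 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36"
"""

if __name__ == "__main__":
    for hit in sweep_proxy_log(SAMPLE_PROXY_LOG):
        print(hit["verdict"], hit["host"], hit["url"], ",".join(hit["reasons"]))
    print(match_hash_event({"host": "WS-0412",
                            "sha256": "5bde316bb02a4d1c0e5530093c04f48e6bb862a828f154b5ad2a19c3a032937d"}))
```

Run against the constructed log, the two WS-0412 requests come out as high (exact C2 path, plus the Mac user agent from a Windows host), the MAC-0098 request is reported as low on the user agent alone, which is the false-positive class the caveat above warns about, and the ordinary Windows Steam request produces no hit at all.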

Targets

    • Target

      5bde316bb02a4d1c0e5530093c04f48e6bb862a828f154b5ad2a19c3a032937d.exe

    • Size

      244KB

    • MD5

      2caa34244dd6726f37dbccc7fe9b59fd

    • SHA1

      0ec728e4614ae0f3ae5db4ed255a1a344d654659

    • SHA256

      5bde316bb02a4d1c0e5530093c04f48e6bb862a828f154b5ad2a19c3a032937d

    • SHA512

      2a471bf75e21b6637839626f25668e03fd60c7bdd2f11b838c3842999e6b615a26c6bd1bcf3ecdcdae37a6ce11a046e7590194c8fdc40aef2ab44854238669b2

    • SSDEEP

      3072:jp3BvL34Ph1UOpbqWvhSveoQxd0+4NB4F/8CUKnozHZHeV1HLVA8959eQAOED:Nxvz4ZxbVvhweoQL0DNBKn6H1w5AENo

    Score
    10/10
    • Detect Vidar Stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Suspicious use of SetThreadContext
