Overview

overview

10

Static

static

10

extracted.exe

windows7-x64

1

extracted.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    extracted.zip

  • Size

    158KB

  • Sample

    240407-p39ceada4w

  • MD5

    958334b4bd3267ea9da957312f497546

  • SHA1

    40a0733b0073e5142f0694637e90367d7ca32482

  • SHA256

    39e218609c1de972541b6719fb18c8a5e028734367e406dc48ac8d0e36670af5

  • SHA512

    650f8dba27e35b24e2fd5a01c9fd9c772f6bccd90716c9467bc3de61aebf6a4fa826f33369aba27a2a0f452150ccffa8dfa9234e42edf493ec8d6d9266cb55d6

  • SSDEEP

    3072:xdgouV6AiUfRxSYtxoiZ3WntZhDXQoK2mXVsU6g082S7BaYn6SDPd:xmpgUvS6oiZyZZA32Ui27R6Sp

Score
10/10
vidar1148

Malware Config

Extracted

Family

vidar

Version

56

Botnet

1148

C2

https://t.me/asifrazatg

https://steamcommunity.com/profiles/76561199439929669

http://116.202.6.206:80
Attributes
  • profile_id

    1148

Targets

    • Target

      extracted.bin

    • Size

      291KB

    • MD5

      7b419724d28a464fa3ccead029201e05

    • SHA1

      c21e1ed95758d17054250b8b36c56fab8271ffdd

    • SHA256

      fb1133fa33ab62f49babfa38db37d07927a05ff7f8f7b50accdc2b75fb99aa25

    • SHA512

      ccbee38f016ba63af48acd0698126de012546092dc397aed7a67f6b8aa43b62327396e3f8a8f96b5e46dbc8fb63ac8cf1eba5dcd89980c3ce4b23792618c2f0f

    • SSDEEP

      6144:e1ePsPFKYLSCwZJOcUoSSwu5To9X08n3LD9GqBDVUrhOHkz3lKqfcU05:e0kPFzIOcUoSSwu5To9XvLD9pBDVU0kX

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks