Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

52986679e8...c0.exe

windows7-x64

10

52986679e8...c0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    52986679e8cbbe78f3d377a8584106a8765604034d4b1efd28ccd28ddb8310c0.exe

  • Size

    722KB

  • Sample

    240417-qrj4tabb3s

  • MD5

    606dd77823076a151448704d36fc283d

  • SHA1

    71b6c77078d3f6ed954448e770df1ef2e5081776

  • SHA256

    52986679e8cbbe78f3d377a8584106a8765604034d4b1efd28ccd28ddb8310c0

  • SHA512

    288bfd7c1a70ad3bb6703138a1e6a35810c20c6d65467a3d535077cb4a5db52f6d7eab0ba2398d115c9414a7a57f1ee7a4655d78b57763ddc86e23283e0d3e35

  • SSDEEP

    12288:8u7Ord48zsWavuWqhCF1Kf3FopytrT5fpAp:CnsoCF14uwpXAp

Score
10/10
vidarstealer

Malware Config

Extracted

Family

vidar

Version

RoInitialize

Extracted

Family

vidar

C2

https://steamcommunity.com/profiles/76561199673019888

https://t.me/irfail
Attributes
  • user_agent

    Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0

Targets

    • Target

      52986679e8cbbe78f3d377a8584106a8765604034d4b1efd28ccd28ddb8310c0.exe

    • Size

      722KB

    • MD5

      606dd77823076a151448704d36fc283d

    • SHA1

      71b6c77078d3f6ed954448e770df1ef2e5081776

    • SHA256

      52986679e8cbbe78f3d377a8584106a8765604034d4b1efd28ccd28ddb8310c0

    • SHA512

      288bfd7c1a70ad3bb6703138a1e6a35810c20c6d65467a3d535077cb4a5db52f6d7eab0ba2398d115c9414a7a57f1ee7a4655d78b57763ddc86e23283e0d3e35

    • SSDEEP

      12288:8u7Ord48zsWavuWqhCF1Kf3FopytrT5fpAp:CnsoCF14uwpXAp

    Score
    10/10
    vidarstealer

    • Detect Vidar Stealer

      stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks