Overview

overview

10

Static

static

3

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    350KB

  • Sample

    240423-w26y8aag33

  • MD5

    c144f16a3e3aff33fc958fdea42df7e0

  • SHA1

    470f6863ce73dbfd88441dc2c06e55d6ab3a96f6

  • SHA256

    998c38a88197ab545ed66959130ba09db2359000da1fe5b6af913a33d5902cac

  • SHA512

    6193661166530b6e923c1de242112c3e90d7562fce979d7d4933f49b61954a407badba5ddc0833ff00907b64b78e2a84630a3be8ba7ff18147d875f3f2b54e2a

  • SSDEEP

    3072:y8RfADp0Sf7qbe+sXJZXAksI2opQJy1Im2VlzlVHu2rC86PlFEVSmkfQIkp7Kgtv:MDqy/PLIoqJyrY3c2G8yXmpIyKE1c

Score
10/10
vidarstealer

Malware Config

Extracted

Family

vidar

C2

https://steamcommunity.com/profiles/76561199677575543

https://t.me/snsb82
Attributes
  • user_agent

    Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0

Targets

    • Target

      file.exe

    • Size

      350KB

    • MD5

      c144f16a3e3aff33fc958fdea42df7e0

    • SHA1

      470f6863ce73dbfd88441dc2c06e55d6ab3a96f6

    • SHA256

      998c38a88197ab545ed66959130ba09db2359000da1fe5b6af913a33d5902cac

    • SHA512

      6193661166530b6e923c1de242112c3e90d7562fce979d7d4933f49b61954a407badba5ddc0833ff00907b64b78e2a84630a3be8ba7ff18147d875f3f2b54e2a

    • SSDEEP

      3072:y8RfADp0Sf7qbe+sXJZXAksI2opQJy1Im2VlzlVHu2rC86PlFEVSmkfQIkp7Kgtv:MDqy/PLIoqJyrY3c2G8yXmpIyKE1c

    Score
    10/10
    vidarstealer

    • Detect Vidar Stealer

      stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks