vidar | 086bcb65380fa0e4d23c07fbff58863949f8158b87d07cd6eac6485d99b3bf0d | Triage

Submit
Reports

Overview

overview

Static

static

1

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

General

Target

086bcb65380fa0e4d23c07fbff58863949f8158b87d07cd6eac6485d99b3bf0d
Size

2.8MB
Sample

240425-a4w15scd7t
MD5

7f1e688e77760ad29c560404a2fb9d2f
SHA1

7c06e05c8e13d01df26653cbe12695af139c5854
SHA256

086bcb65380fa0e4d23c07fbff58863949f8158b87d07cd6eac6485d99b3bf0d
SHA512

e841524c36ec9f550bbd299fbd33bbf15587dde922c747ae719bea03c387e62bbb9a73fdee0188dfb1586cca5b9dc81745144e633ed3dcb661434ab1c87e393e
SSDEEP

49152:lAfXmQ/GT5+pDEuOwHLHE83/G9+SbSyCfHtl8/ioefjKxAd2jVAeIXT:2+4GT0OSL04Dl8/gcAsJAeIj

Score

10^/10

vidar zgrat rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

086bcb65380fa0e4d23c07fbff58863949f8158b87d07cd6eac6485d99b3bf0d.exe

Resource

win7-20231129-en

vidar zgrat rat stealer

windows7-x64

8 signatures

300 seconds

Behavioral task

behavioral2

Sample

086bcb65380fa0e4d23c07fbff58863949f8158b87d07cd6eac6485d99b3bf0d.exe

Resource

win10-20240404-en

windows10-1703-x64

6 signatures

300 seconds

Malware Config

Extracted

Family

vidar

C2

https://steamcommunity.com/profiles/76561199673019888

https://t.me/irfail

Attributes

user_agent
Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0

Targets

- Target
  
  086bcb65380fa0e4d23c07fbff58863949f8158b87d07cd6eac6485d99b3bf0d
- Size
  
  2.8MB
- MD5
  
  7f1e688e77760ad29c560404a2fb9d2f
- SHA1
  
  7c06e05c8e13d01df26653cbe12695af139c5854
- SHA256
  
  086bcb65380fa0e4d23c07fbff58863949f8158b87d07cd6eac6485d99b3bf0d
- SHA512
  
  e841524c36ec9f550bbd299fbd33bbf15587dde922c747ae719bea03c387e62bbb9a73fdee0188dfb1586cca5b9dc81745144e633ed3dcb661434ab1c87e393e
- SSDEEP
  
  49152:lAfXmQ/GT5+pDEuOwHLHE83/G9+SbSyCfHtl8/ioefjKxAd2jVAeIXT:2+4GT0OSL04Dl8/gcAsJAeIj
Score

10^/10

vidar zgrat rat stealer
- Detect Vidar Stealer
  stealer
- Detect ZGRat V1
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

vidarzgratratstealer

behavioral2

© 2018-2024

Terms | Privacy