Overview

overview

10

Static

static

1

c84f8c3f58...38.exe

windows7-x64

10

c84f8c3f58...38.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fcc226702f89fb80675c9b20156500f3.bin

  • Size

    499KB

  • Sample

    240426-cewp7ahb5w

  • MD5

    4c31aac7e5f5bb5eaece8ba556f01b4e

  • SHA1

    79d53d5f338bc70290fc8d53a48dae65b6fb8b9c

  • SHA256

    7880b1dd4a593b12fe8367b6058bf85a14e9e909e173ed8a1e1f23348963018f

  • SHA512

    2bf21def25bd3ee3e464463f6982d11072df5b8bb70596f7aa780c81b49d3481670be1d4f83540d50d246b71629637ff5925c4d00dab97b7b27b8b0439c6091a

  • SSDEEP

    12288:SvnoaqPTu0smA1T3ZLNEzuLtSl8Pn3dPgz1HPe8qo42i43EmEE:0noaq+T3ZBEzuZa8PnNAVUo42r3AE

Score
10/10
vidarstealer

Malware Config

Extracted

Family

vidar

C2

https://steamcommunity.com/profiles/76561199677575543

https://t.me/snsb82
Attributes
  • user_agent

    Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0

Targets

    • Target

      c84f8c3f58c2d8193d9f78cffb67205037b48b66c1287e06413f11cbe0e16038.exe

    • Size

      1.1MB

    • MD5

      fcc226702f89fb80675c9b20156500f3

    • SHA1

      0f8b46119867e39e95de3b2f3b1aaa9784c2664d

    • SHA256

      c84f8c3f58c2d8193d9f78cffb67205037b48b66c1287e06413f11cbe0e16038

    • SHA512

      9e2a6c8a78094e8429185a9a479f41b9fc3053b8fca9a10ddc6529394970298fb68b2a4b70dd2a2929d8cbe3cce9e7e022b1dcfe7ea68e408aca71dda95e7ca2

    • SSDEEP

      24576:62vl0F/StbaUTIFxUmKhG3v99vrLdG1qqdLGI+Y8gt:62d0FbUTIFxUmKhGVJLA1qqIPY8U

    Score
    10/10
    vidarstealer

    • Detect Vidar Stealer

      stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks