General

  • Target

    9ce8c75892fbdc4793558467d98e05b17459cdce4078b0fb7c270495d195d747.exe

  • Size

    422KB

  • Sample

    240428-b6me6add75

  • MD5

    03750d84804cd05a1e7366dd52e67f71

  • SHA1

    c64e12d70a131e168d54e4074c3a11668779381d

  • SHA256

    9ce8c75892fbdc4793558467d98e05b17459cdce4078b0fb7c270495d195d747

  • SHA512

    bcffeebef54e05fac8b7ef3c8d491a686c8de0f5a00f8bf94f9486fb5091e1a916bc491256bf58a6751f9d128c4d9148bad97a3d459976862f26104d6988e4f7

  • SSDEEP

    6144:29KDb7RpkvFCCTnOPivspTpwlHe6EiZ1gFrzTt8ceX7seXztApIvejJXcxQC:zb7RpkMCsppwlRgFXG9XdtOp5ciC

Score
10/10

Malware Config

Extracted

Family

vidar

C2

https://steamcommunity.com/profiles/76561199677575543

https://t.me/snsb82

Attributes
  • user_agent

    Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0

Targets

    • Target

      9ce8c75892fbdc4793558467d98e05b17459cdce4078b0fb7c270495d195d747.exe

    Score
    10/10
    • Detect Vidar Stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Detects binaries and memory artifacts referencing sandbox DLLs typically observed in sandbox evasion

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks