vidar | 922908588e610f0850310d00e774c52b1f83f32368f0d22ca3f644d9b5e7a0d9 | Triage

Sharing

General

Target

3ed7fd1da032a7057d2df0fcc98e7720_NeikiAnalytics.exe
Size

341KB
Sample

240528-l8vvesgc76
MD5

3ed7fd1da032a7057d2df0fcc98e7720
SHA1

7206f8504a68fe9e4a76045e8b8726e2dab66427
SHA256

922908588e610f0850310d00e774c52b1f83f32368f0d22ca3f644d9b5e7a0d9
SHA512

6f550ef040713b0b13dda2a30f32646a3ef94aef56a51627fd17ea1adf40520a200716b0cfc59c179c1937685ab2efe52682b225d5d15b375675cb29fe590d27
SSDEEP

6144:OuQRHexo0nwlQvG4IyynVKzVKJ5/eRFHVmGiP/9o0hVEhKh1ja:OuQRHexo0n24zVK32RRVmGiRhVbhF

Score

10^/10

vidar dc9bb8ba393575f39230997c07d51f4f

Malware Config

Extracted

Family

vidar

Version

3.1

Botnet

dc9bb8ba393575f39230997c07d51f4f

C2

https://steamcommunity.com/profiles/76561199472266392

https://t.me/tabootalks

http://135.181.26.183:80

Attributes

profile_id_v2
dc9bb8ba393575f39230997c07d51f4f
user_agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 OPR/91.0.4516.79

Targets

- Target
  
  3ed7fd1da032a7057d2df0fcc98e7720_NeikiAnalytics.exe
- Size
  
  341KB
- MD5
  
  3ed7fd1da032a7057d2df0fcc98e7720
- SHA1
  
  7206f8504a68fe9e4a76045e8b8726e2dab66427
- SHA256
  
  922908588e610f0850310d00e774c52b1f83f32368f0d22ca3f644d9b5e7a0d9
- SHA512
  
  6f550ef040713b0b13dda2a30f32646a3ef94aef56a51627fd17ea1adf40520a200716b0cfc59c179c1937685ab2efe52682b225d5d15b375675cb29fe590d27
- SSDEEP
  
  6144:OuQRHexo0nwlQvG4IyynVKzVKJ5/eRFHVmGiP/9o0hVEhKh1ja:OuQRHexo0n24zVK32RRVmGiRhVbhF
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

dc9bb8ba393575f39230997c07d51f4fvidar

behavioral1

behavioral2