General

  • Target

    HSRMinty.zip

  • Size

    1.1MB

  • Sample

    241004-3ev2rswgqh

  • MD5

    408cadb9d4c0ae6bcae6de2dd1fc598d

  • SHA1

    0f70e62616667a4af8a99b98c0e7661dce1a11c8

  • SHA256

    549fe633a6c3c00856737d2904e7bd0bdd64e5a3992f07d61aae0fa3d349bae2

  • SHA512

    e979d44ad7fd80eacca4b56819e4ef19bdabbdba1f9fb87aa37911f1b81542e86e2ed134b0a116098b2227eb9850efd087baee8efe3e6c80d26f3abc02e1d707

  • SSDEEP

    24576:AigpN/nMA2ahNoFwINSCXPmr9SljCXkV3/G1dQo:Aig/nMANhAwIfXPkSljCXaKz

Malware Config

Extracted

Family

vidar

Version

8.3

Botnet

eaf6a345ac330495ebc83200e0a7497d

C2

https://steamcommunity.com/profiles/76561199651834633

https://t.me/raf6ik

Attributes

  • profile_id_v2

    eaf6a345ac330495ebc83200e0a7497d

  • user_agent

    Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0

Targets

    • Target

      HSRMinty/sрооf.exe

    • Size

      447KB

    • MD5

      eba859aa8105b84ea4e9e7726d3aa96c

    • SHA1

      2c6b45eba06308dfd0a17776c7a2ef71c9d55b06

    • SHA256

      a18e38ddac5882867a012958d04eebbbe6249ffd7880ff7703f91e6b32c1737d

    • SHA512

      d8f69f8027adfe40af15ba47654a27878c2428ee56f3e1b135c7bfdd38862290ece630d33b38b7c90f23d6f7856b3e183c647c0ac8190807973b8f0cded33d4c

    • SSDEEP

      12288:AUMdX23s7N6pQOAmAPAxRIMQdGTdv8726yuvC3aAnZ:ZKZ6pQxmAPIudGT+wu6N

    • Detect Vidar Stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks