General

  • Target

    919ffab5c013f6e383c7d1e6a7df5e01b91a30a129c8131c1f8bf0a7203e81f2

  • Size

    559KB

  • Sample

    241004-skshqa1cmj

  • MD5

    b89c5e6bb878851f0d198de606fa57cd

  • SHA1

    62fc1f008082a6f0451bc6461bbfd54bf43a9a46

  • SHA256

    919ffab5c013f6e383c7d1e6a7df5e01b91a30a129c8131c1f8bf0a7203e81f2

  • SHA512

    a47f16a96885390975c7fd9704bda11c42d8fcdb170c3b1aeffbdcf76759721de78838e9feffed36a79699245d917b106212e882cdbdf5d9df1dab1d21045780

  • SSDEEP

    12288:jSt9OYi8xZZjVIJf5YMQYMXiLJ96hS02lI2jcdvk1fOfPHEO:juTZB6Jfa1XiL+S02lI2jcJkFOnHt

Score
10/10

Malware Config

Extracted

Family

vidar

C2

http://proxy.johnmccrea.com/

https://steamcommunity.com/profiles/76561199780418869

https://t.me/ae5ed

Attributes
  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0

Targets

    • Detect Vidar Stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Downloads MZ/PE file

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks
