
General

  • Target

    TradingView_PRO.rar

  • Size

    6.8MB

  • Sample

    241011-my22estdlm

  • MD5

    c4e366fb7c1875db195b6665d170f16f

  • SHA1

    8d88e33867fa7af02d1fb62a9e698676461e2846

  • SHA256

    e9c35b32ff5f1637e1057d36a26c622dde0744d5004cd55ddf43800196f92e04

  • SHA512

    e229546b1b3b7f845024d5669b60d3a2528f5125273f53aa60ee02a291dc0118eb710e570f27b9502477138311a9d8fc08f21e6673f98d40ad9f98d7ed215dd0

  • SSDEEP

    196608:E71OrLjmS48jWd0ppe14PBgaGAkYDACKbWSx9:UOnSbOpp44PBgaGATGl

Malware Config

Extracted

Family

vidar

Version

11.1

Botnet

91ee094dd9ffff7505d0f982e8e1ca3f

C2

https://steamcommunity.com/profiles/76561199786602107

https://t.me/lpnjoke

Attributes

  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0

Targets

    • Target

      TradingView_PRO.rar

    • Size

      6.8MB

    • MD5

      c4e366fb7c1875db195b6665d170f16f

    • SHA1

      8d88e33867fa7af02d1fb62a9e698676461e2846

    • SHA256

      e9c35b32ff5f1637e1057d36a26c622dde0744d5004cd55ddf43800196f92e04

    • SHA512

      e229546b1b3b7f845024d5669b60d3a2528f5125273f53aa60ee02a291dc0118eb710e570f27b9502477138311a9d8fc08f21e6673f98d40ad9f98d7ed215dd0

    • SSDEEP

      196608:E71OrLjmS48jWd0ppe14PBgaGAkYDACKbWSx9:UOnSbOpp44PBgaGATGl

    • Score

      1/10

    • Target

      Soft.exe

    • Size

      11.6MB

    • MD5

      e07f44a87703de090d1eb0dccd846553

    • SHA1

      7905082ab227b83cf2ae74617828ad363d0ec8d6

    • SHA256

      11c38e3bd3e0cd2b4f783efe5bd007e0ffe28162c5e343509028719a437810d8

    • SHA512

      0c859e2c52cc3e0ceeaf6fefe7d7c4f5bec3dc9822207c841ce96501364e987e1a2aaa828cbb2840e8c61ee002dd631355969e11ff7fef678d132819046ee1f4

    • SSDEEP

      49152:f6CsLrzgdhBxDv9nWzUQBzD5I574hzdHmjh7ezq5DZ6rUSpSUDmPsCGd/5Nj11lm:bs/zgdtDBEUuH8VxnSNf+SOSkln

    • Detect Vidar Stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Downloads MZ/PE file

    • Loads dropped DLL

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext

    • Target

      dll/EntityFramework.SqlServer.dll

    • Size

      577KB

    • MD5

      af1646b1c2227ab206d855bd068535cf

    • SHA1

      3cd982ad2fb00a50151d7f416e4b05f79528496e

    • SHA256

      a960dd4d2f0f37b3c09ffb9567c32426b8791310d7eb935c04c819c3d46bd49e

    • SHA512

      04eb6b5ec3a1655ae2fc661f6f9053f7743a2c624c4e8b0e1e6660fcb135a847adda27919ae8f38987e370e0114bd5ce45e01f1c894019a864a22cae3d24af0a

    • SSDEEP

      6144:EcK9UcUZV25QiE0U0CxzB6zHK1HHYkIfPQG2puGeqVmjaVmnS4bfu65+:fcuV200veIJu65

    • Score

      1/10

    • Target

      dll/FeedbackCommon.dll

    • Size

      307KB

    • MD5

      9a6a4c9dec73c5a28ed4c7f7cc3e0c3e

    • SHA1

      84f547be9b4b6112a5b8ada27b72f6609c4c566d

    • SHA256

      fe9bb227f2faef7d6b4fd00c823ef584b93c40aba9d82ecb0d970910e99679ce

    • SHA512

      bb84611f93f947b65b839ab859d79b4f6994348ebf68f735b2c30bd58a686e2c5e127a074a027f3f5afc5c536fc40dcad43af5e302cb409e0c6248fa1bbce82d

    • SSDEEP

      6144:VqN+kNEbSraPv82L1I9kure9z/5XI2Q1DnopldLy+L:y6bSmPvJgczR5Q1Kyq

    • Score

      1/10

    • Target

      dll/FileReport.dll

    • Size

      105KB

    • MD5

      a0a885bd902a59309bbe4d7d08afada1

    • SHA1

      0c11373f753c74e732f8a1efa433831298728697

    • SHA256

      7b5db936d7af2bb3bbfd6b44310f44806c21391a52a41e365acef4db9a18c8f0

    • SHA512

      6f7d1c55df83ca0b07411ba02518afb24cb16b2cb7b33f06690ac459e7839fad58e4c4d6668e5074f43d684f52d1d41a733c1000a1889e6410c3bcffa526bcf3

    • SSDEEP

      1536:1556cODOs2gM15o/bKM+Jsf7Vg7kQqO2ypykKZqrzt5zSs/I6Sv7HxgN6W:1ifOse15aOJsf2+yjKorzt5zHAvv6N6W

    • Score

      1/10

    • Target

      dll/SQLite.Interop.dll

    • Size

      1.2MB

    • MD5

      eaebd32500264123ef3f2a4cd2aee629

    • SHA1

      ee7976940c545759bbb0a0047f0fa6cd970c30f5

    • SHA256

      a7f95a7eed84db9cf419c03a7c05231fdedf3a042fd10259e6938eedbda3a1ac

    • SHA512

      fcfdf839d7bfa920483314e3e3ab0b0c83669883a6c5c7abd5966fd7ca14940bb07dab219dc22031941e4155b2f4fc7bd8fb76c639b191dce052df7f537da62b

    • SSDEEP

      24576:RKE4r0RaYdKYR7KtLqUmZRDiJC7Z2CQiQYZh5YAIQLs:8hr0RZ5RGtA0KpcYZ8tEs

    • Score

      3/10

    • Target

      dll/iTunesRepairCLR.dll

    • Size

      251KB

    • MD5

      91156eecd5a86a359116c590d27466c8

    • SHA1

      695dcce166e4782c485f3e8e56c08873e0bd4504

    • SHA256

      51ca7821ff22ae13d1216a72b9ed0137fb03c1c26a220999a07e11cf5c506ede

    • SHA512

      c71c62e4c7e0d4a8666a6aa5c99aa135d7e40824621026c2be6f2af41dff4b57cf1e64da8c0a6824454e2334bdc2affedadc952f07e27217dfee5b21d855474b

    • SSDEEP

      6144:vh7eqYdp7zSC1gz1quJimyHBeEZkOFIbvwcbTpO/0hRvrqSD/YHgCn0Ln:vh87zSYgz1quJimoBeEZkOFIbvdpHvDH

    • Score

      1/10

    • Target

      dll/iTunesRepairCommon.dll

    • Size

      418KB

    • MD5

      f06de1bc253f3cc89aad496291aa3a7f

    • SHA1

      96eec4a7c9ee6ca75dbd728d35d819115e4496c6

    • SHA256

      cefba3a426a57e4720307dd5990322162791f9ea444c9dad432d7cb7c2feb294

    • SHA512

      bcd43b508d79026f5489beb6ae052ca3e6f75e6dd418f816b4d2e638878628a78c91791eef83afee95a98274a5c660f5eb7939903f4d7d7d0de33887122f3717

    • SSDEEP

      6144:nrlNsxq6bOyE5uaqAKMCEhrcIzccMPktA/K8DC8KXgNNExOfm4dddxdddoVuwLND:nrsxR3MqD/XK86g5YNXz

    • Score

      1/10

    • Target

      dll/libcurl.dll

    • Size

      542KB

    • MD5

      07ac3e92e0ffd0b5b12f7ade2c310419

    • SHA1

      7d54530f6641f7ae3b597a3f26139a40bcf5ce9b

    • SHA256

      401e9665ccaead776d966b9064e8fb1b51d6cf22b3b134e1515b750714fd6b98

    • SHA512

      149154a2d0d360475d6d78738f608a6d22f29605c126e7bddcee365d40a410ef0739feb5c17a1af32899543a34519d2183242968640e29df0e03346e6847c882

    • SSDEEP

      12288:jA3uJu2rBBXQ5qNf8I+UkCVmDnw0NIjU6y+n/U7N:jA3uJrBXQ5qNNfkK8nw0ijxpUR

    • Score

      1/10

    • Target

      dll/libdispatch.dll

    • Size

      108KB

    • MD5

      2139af75442b468ad2a3b3c755a4da53

    • SHA1

      5f265b913bb8dc8eca773f57e38338a8829e84e5

    • SHA256

      459150bc518575cbd702c7e7f8df01d6e551d42354bd791bf75dfb1763afb622

    • SHA512

      87dfa3bb19a3f5912a809dd99ae38fcd8326302a0a93e3249b690996e5573216f719fcdd5c647baf67b72c4e971f42b33e155def6b0ce228bf8fb451bfb7debe

    • SSDEEP

      3072:UljbozJ/JwMCDADZ4TMiI1LfxeNRVGNa3x1B:gbEh7CDAWMiZwY

    • Score

      1/10

    • Target

      dll/libicuin.dll

    • Size

      2.4MB

    • MD5

      78c64b3156f8e070ccab351a96aab1e7

    • SHA1

      3383fc6cae65078b7be1681852837beda102dfac

    • SHA256

      25694350aea200b742dabc08576728856b3a4ebe479661737f14213323655ff5

    • SHA512

      1d20baf31fab11150b9507078723393a81abb2515bbde31fb36c41b1f576b7a603eec42c645f4efffc0bf7faec3833fd88d5c40b66c90b3f0c7619479319762a

    • SSDEEP

      24576:/QFxbR+M8IY5d0FQqv0bcSPcj4eA/bcnU92xkAfQORBAZm9TsTpdX:4z1iIY5d0F8bHjd4ny2AZm9yHX

    • Score

      1/10

    • Target

      dll/libicuuc.dll

    • Size

      1.5MB

    • MD5

      e4a7d8761e5b4d78370b4b530c904bff

    • SHA1

      fa26af028d250cfb5d199674cdf7f2e4b2ae70a7

    • SHA256

      df4a1e45fb00ef3eb58d9eccf3b87ff064206f29906119a8d58316dc73854d59

    • SHA512

      7089a0f7e5799f9c923b32a39295ab4e2b0c2567f0e7f41d6bce395856c7b8f3cc77d4ad32dd3287158f805d34184cef8477b64285522be5dbd4984cd9e92bb8

    • SSDEEP

      24576:8mOiW6DF68nc6aUI58Oj7Uc585mXPjpTpW7MY5:XOwF68nEjRjYiXX8n5

    • Score

      1/10

    • Target

      dll/libssl-1_1-x64.dll

    • Size

      676KB

    • MD5

      68fda88259572d37d733b6a4c6449ce3

    • SHA1

      cb6af4c75e5948dd2f84a8e6ed40066497225293

    • SHA256

      57eb8e72bbad676b997fb9616e6e758ef4fbaba92b84735f5bfef5f81821cf3a

    • SHA512

      9557a831f31ce1eb74b36ed1b2d4157393f08eaefa26d92458d405413f818798022bcf7825799f985f0f3fc158d20239660f5c6624baf88a755bfea2777e3b0b

    • SSDEEP

      12288:tqNXZzq3TPx1XI8afSk/bseSXnfIAGa/1R+CQGkQIEijxFMU2lvzC:bLXtafsp/1R3x9o9FMU2lvzC

    • Score

      1/10

    • Target

      dll/libxml2.dll

    • Size

      1.3MB

    • MD5

      e6e4bf12336d0ce68a20a2e89274e06a

    • SHA1

      8e0851a6df0eb49b92704d0ec3ed969d427eaed6

    • SHA256

      4be1bd36d8771b3bf521013077f254359668e46dd75e30f9b85490a328d9301f

    • SHA512

      e62746ee01ef6b4c39b813ff6ce5e41ee1675ff433067bb7d316146253c7b65a1d6ebd8daa1c0f7b567d54bc813d7e3bf707b52716d651e16f269a13ed248b7f

    • SSDEEP

      24576:lvSvQDyhQi62i16+7t7hMMaVQQGQaN3sAPTJ4zBnu3U6f:svQDy7etFuQQlaN3sAdeZM

    • Score

      1/10

    • Target

      dll/tk86t.dll

    • Size

      1.4MB

    • MD5

      fdc8a5d96f9576bd70aa1cadc2f21748

    • SHA1

      bae145525a18ce7e5bc69c5f43c6044de7b6e004

    • SHA256

      1a6d0871be2fa7153de22be008a20a5257b721657e6d4b24da8b1f940345d0d5

    • SHA512

      816ada61c1fd941d10e6bb4350baa77f520e2476058249b269802be826bab294a9c18edc5d590f5ed6f8dafed502ab7ffb29db2f44292cb5bedf2f5fa609f49c

    • SSDEEP

      24576:J7+Vm6O8hbcrckTNrkhaJVQhWnmb7u/DSe9qT03ZjLmFMoERDY5TUT/tXzddGyIK:JCQ69cYY9JVQWx/DSe9qTqJLUMPsJUT/

    • Score

      1/10

    • Target

      dll/ucrtbase.dll

    • Size

      1.1MB

    • MD5

      9cd0aff3e05fca90bf9a227c94669df6

    • SHA1

      2330e02db78010c44838f5c542edc7d4e1be00c8

    • SHA256

      fbed69a52fdcf571dd37fe4cc63cb86ed3732b5b998807f14968788027c00754

    • SHA512

      1f29aaf87dcea351f146121a812794ec51b5ad9b0373ad6872d34a51c2c4cc2a16a6ee3b3945a4ad885918d108ce4742f12d3e0c5dd9aaa5c5a4ce310e4cc08b

    • SSDEEP

      24576:iJG9DZM19Y7ieC9dQ8ODtLV8+BaC6EOxPcUz1RmxvSZX0ypHNHh:R/q1vOhq+BaPHxhp7

    • Score

      1/10

    • Target

      dll/zlib1.dll

    • Size

      100KB

    • MD5

      27481dd5b29d58ff9ec04a0ec36b1919

    • SHA1

      9832d9f0b88250ada3b2fc18f1c22810d960d2bc

    • SHA256

      d4accd4e268a6b846c10f66bb344de216788cf6721acdf810f67051559540ceb

    • SHA512

      d1507f962c1d97d4d74114ed7b3781d4bf15c3d85e04f365b52a43a92ef844cad5e801aed435c3cfbd231b8bd2c6e6d9b6896349dbea5849f0aa29b28890031a

    • SSDEEP

      3072:mzWFv0opgFRu932zghRGgtSubFYfxeNrfGNt1xC:mzWFvXaRu9ugHGgtSubpA+

    • Score

      1/10

MITRE ATT&CK Enterprise v15

Tasks
