Overview

overview

10

Static

static

1

URLScan

urlscan

https://github.com/j...

windows10-ltsc 2021-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://github.com/jhmendes2005/aluroni-router/blob/b78334b33c03f53c2bfff0357443eaea0eb99c8b/Fluxus%20V7.exe

  • Sample

    241027-vzbjvs1brn

Score
10/10
vidar467d1313a0fbcd97b65a6f1d261c288fdiscoverystealer

Malware Config

Extracted

Family

vidar

Version

11.1

Botnet

467d1313a0fbcd97b65a6f1d261c288f

C2

https://steamcommunity.com/profiles/76561199786602107

https://t.me/lpnjoke
Attributes
  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0

Targets

    • Target

      https://github.com/jhmendes2005/aluroni-router/blob/b78334b33c03f53c2bfff0357443eaea0eb99c8b/Fluxus%20V7.exe

    Score
    10/10
    vidar467d1313a0fbcd97b65a6f1d261c288fdiscoverystealer

    • Detect Vidar Stealer

      stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Vidar family

      vidar

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks