General

  • Target

    0c67ee4c05e79aba6ebc703a75c718ab3abcf0dbae55cc9e2b14a8bce5c4b3fc.exe

  • Size

    872KB

  • Sample

    241122-rj8b4syjbp

  • MD5

    2d42832b933e83988273afaaec5f0493

  • SHA1

    801b6d866fef88e20028505a5bc2f2dd4f5c1564

  • SHA256

    0c67ee4c05e79aba6ebc703a75c718ab3abcf0dbae55cc9e2b14a8bce5c4b3fc

  • SHA512

    9277dd40e7ff409c31fb85b2edcfa01c22a369db823d99704547f04e9a8a8b064448ce9f3f20c9ab6dfdf65628d2a199cba54cda2d4832a247945ada4424b28b

  • SSDEEP

    24576:2vLjiXcvLx5UCcoGWTUchpx0sEvQtyVbON:2DjiMvFvcoGWAchpOs9N

Malware Config

Extracted

Family

vidar

Version

41.5

Botnet

517

C2

https://mas.to/@xeroxxx

Attributes
  • profile_id

    517

Targets

    • Target

      0c67ee4c05e79aba6ebc703a75c718ab3abcf0dbae55cc9e2b14a8bce5c4b3fc.exe

    • Size

      872KB

    • MD5

      2d42832b933e83988273afaaec5f0493

    • SHA1

      801b6d866fef88e20028505a5bc2f2dd4f5c1564

    • SHA256

      0c67ee4c05e79aba6ebc703a75c718ab3abcf0dbae55cc9e2b14a8bce5c4b3fc

    • SHA512

      9277dd40e7ff409c31fb85b2edcfa01c22a369db823d99704547f04e9a8a8b064448ce9f3f20c9ab6dfdf65628d2a199cba54cda2d4832a247945ada4424b28b

    • SSDEEP

      24576:2vLjiXcvLx5UCcoGWTUchpx0sEvQtyVbON:2DjiMvFvcoGWAchpOs9N

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Vidar family

    • Vidar Stealer

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks