Overview

overview

10

Static

static

3

Roblox Che...ox.exe

windows10-2004-x64

10

Roblox Che...UI.cfg

windows10-2004-x64

3

Roblox Che...ig.dll

windows10-2004-x64

1

Roblox Che...ib.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Roblox_Cheat_Free[1].zip

  • Size

    2.0MB

  • Sample

    241125-zzdfnswpav

  • MD5

    5c707c76d6f05558fcb5b58f03537c7f

  • SHA1

    db9db4b2a6b98a6b6d31c2eefcd552d8af19fa86

  • SHA256

    863236c7bdd432650bad5cba9c9ecc5a89a65ca326cf2fc3dcfbe92da0c20072

  • SHA512

    e1472a7356899b49111887bfd843f593f44229b42fcbfde61da6b8cdb6e5f92210733352afbe7cc97ae980899931b00590baf34fd4b443d636f47b76b0e62560

  • SSDEEP

    49152:2uh3e36bMAcf8YCQBhGP6t5rt+KcE7U031tcTEa2cFh27TqzpAq/:dh3IBKQmKtbwlwa2ca7Gz

Score
10/10
stealcvidara17f83dafa130de24986f1ad305270d5discoverystealer

Malware Config

Extracted

Family

vidar

Version

11.7

Botnet

a17f83dafa130de24986f1ad305270d5

C2

https://t.me/m07mbk

https://steamcommunity.com/profiles/76561199801589826
Attributes
  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6

Targets

    • Target

      Roblox Cheat Free/Roblox.exe

    • Size

      4.3MB

    • MD5

      0348fffafb59ece4aa4e5304ee89488d

    • SHA1

      6c1a2c3cb6e7a4b81e7c5011ff5b98e87d6740df

    • SHA256

      679a1ccf565bc8e97f67637df2dfda231a2d5a4ea5d83cefa2fb2c6b390ed082

    • SHA512

      0a37d386ff0924790706692503f1e18036f67d5841ed26b913249eddf336382d29fdb4e8d20d3b4a3d1cd31f57b7bf3a661e5f961b4054f84923c413423a7210

    • SSDEEP

      49152:h/EsnrGL+AJ047LhE7z6UJflrOQy7BDfXMzs+EIdL7j4VyKcEtYAVttcYzGUX6lQ:h8srjg7lE7KXMzS5CV9o

    Score
    10/10
    stealcvidara17f83dafa130de24986f1ad305270d5discoverystealer

    • Detect Vidar Stealer

      stealer

    • Stealc

      Stealc is an infostealer written in C++.

      stealerstealc

    • Stealc family

      stealc

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Vidar family

      vidar

    • Suspicious use of SetThreadContext

    behavioral1

    • Target

      Roblox Cheat Free/UI.cfg

    • Size

      124KB

    • MD5

      8878cd46e844007cb78e36aaa32942af

    • SHA1

      98d31c49a66ac5203acf3393b1a8e42be0a1475e

    • SHA256

      4b684f617be51f2902e5f615d1dab6f86cbc3a1aa1ee6f9ca7aea6cbb6a1e010

    • SHA512

      916a95dc3bd8d378f5c5ed51a3d0e8a240697d0cb5a7e5e340e2983a64a50215cc30591c07ba4752417d6f64845c5c8c376d2f1181181ecf25e77cefeb1b7fbb

    • SSDEEP

      384:1PPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPx:n

    Score
    3/10
    behavioral2

    • Target

      Roblox Cheat Free/config.dll

    • Size

      31KB

    • MD5

      d30f097bdfd7c9e5f4993f6b28ce58a4

    • SHA1

      60537de48b8b9d127d5394b9741d2d78d5b6d5a5

    • SHA256

      b086ec216f9d580a7035b6277928169b3026b35a5273e995169d9bfd29bd8246

    • SHA512

      2e82c65cf215f2f2ee21f8f0df209bc4182d1e035d320ea8ef7fb8784388ad143a8fc107651425c5011f87e1ae0326f24480ab7b47d4f7672c630cd2562aaed4

    • SSDEEP

      384:1PPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPP1:j

    Score
    1/10
    behavioral3

    • Target

      Roblox Cheat Free/lib.dll

    • Size

      576KB

    • MD5

      ce4dbde963ad7ca682fd27423deafc78

    • SHA1

      bb10f883385d96e71d29b4c662b44373faaeee2b

    • SHA256

      2a00b0a893b262e38ff4577fcc43431884d793b549e7225ac716637c4aac0cb6

    • SHA512

      b00dc9ffb1860f35ad9f86e4f36e5b6a2178d061f6db2a4f9154ce1bc9648239d8365c90b7174e3b436798cf97c50b66da7592eb7397847bae3cf603f159f62c

    • SSDEEP

      384:B5PPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPp:h

    Score
    1/10
    behavioral4

MITRE ATT&CK Enterprise v15

Tasks