Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

4168-142-0...ry.exe

windows7-x64

4168-142-0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4168-142-0x0000000000A10000-0x0000000000C69000-memory.dmp

  • Size

    2.3MB

  • Sample

    241130-1qllcswpbt

  • MD5

    42b7a4f7b0baaefaedf0f5e37ca4d9f7

  • SHA1

    ec560cf01b17f0427d3ea694a5675f4b3cdcd86a

  • SHA256

    9c483210229d1a0295e06ca809c1193b626e9f6f21adf58a7b9561429c2737f4

  • SHA512

    27e419cb50323d2fc4196da5f9a49413e06e488a7b1043d2148089dd01e51949d1d7540a60da49fbbf09e0f77d8ebca074fe757884ff5586a0adc62fac779a70

  • SSDEEP

    6144:7zz+l/5tZtglL1fTpHitU+KAhjgRPg80nvrk:7zz+ljZtZKM8RPb0vI

Score
10/10
stealcvidar41d35cbb974bc2d1287dcd4381b4a2a8stealer

Malware Config

Extracted

Family

vidar

Version

11.8

Botnet

41d35cbb974bc2d1287dcd4381b4a2a8

C2

https://t.me/fu4chmo

https://steamcommunity.com/profiles/76561199802540894
Attributes
  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6

Targets

    • Target

      4168-142-0x0000000000A10000-0x0000000000C69000-memory.dmp

    • Size

      2.3MB

    • MD5

      42b7a4f7b0baaefaedf0f5e37ca4d9f7

    • SHA1

      ec560cf01b17f0427d3ea694a5675f4b3cdcd86a

    • SHA256

      9c483210229d1a0295e06ca809c1193b626e9f6f21adf58a7b9561429c2737f4

    • SHA512

      27e419cb50323d2fc4196da5f9a49413e06e488a7b1043d2148089dd01e51949d1d7540a60da49fbbf09e0f77d8ebca074fe757884ff5586a0adc62fac779a70

    • SSDEEP

      6144:7zz+l/5tZtglL1fTpHitU+KAhjgRPg80nvrk:7zz+ljZtZKM8RPb0vI

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.