General

  • Target

    ad9c40c2644ff83e0edbc367c6e62be98c9632157433108c03379351fe7aeca5.exe

  • Size

    384KB

  • MD5

    d78f753a16d17675fb2af71d58d479b0

  • SHA1

    71bfc274f7c5788b67f7cfae31be255a63dcf609

  • SHA256

    ad9c40c2644ff83e0edbc367c6e62be98c9632157433108c03379351fe7aeca5

  • SHA512

    60f4ebe4226fae95f6f1767d6f5fff99f69a126f0c827384c51745c512f495b001051d4273ca23bc177ec2c0511ec7f9ae384e3a5e88e29ce278ac45a55a39b8

  • SSDEEP

    6144:elqPvKpKJNJGyRlyY8aSp0Vbux0R4kF/Y/o8+:emRJNMalyjaO0Ix6BY/s

Malware Config

Extracted

Family

vidar

Version

11

Botnet

2ee1445fc63bc20d0e7966867b13e0e1

C2

https://steamcommunity.com/profiles/76561199780418869

https://t.me/ae5ed

Attributes
  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0

Signatures

  • Detect Vidar Stealer 1 IoCs
  • Vidar family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ad9c40c2644ff83e0edbc367c6e62be98c9632157433108c03379351fe7aeca5.exe
    .exe windows:5 windows x86 arch:x86

    118187c3a5a9d853faf932e2bfb655fe


    Headers

    Imports

    Sections