Overview

overview

10

Static

static

1

Loader.exe

windows7-x64

10

Loader.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_1d1c8fcae29d9ae99a16b9d9133158215643c2dc861af6c110e0d234a3585498

  • Size

    800KB

  • Sample

    241223-zpkf8s1kgw

  • MD5

    b6c25ca5c7314b0e79871c331c4f4dbe

  • SHA1

    c2005c86fdac8467a6ecfc08bf2c3ff2ae4e906c

  • SHA256

    1d1c8fcae29d9ae99a16b9d9133158215643c2dc861af6c110e0d234a3585498

  • SHA512

    cd8118a1bb69ec6806889bd79ecf9cb040b38aa61b2d948fcd0b508e9a032e5019e2b613a97443848ff7551e211ce28499a81dd2ae37526cd97cbcc44bdbea58

  • SSDEEP

    24576:2VsIP6gG7E/mXJjOxEmkkNZ5TPeAx0KAb:m6gG7EOXlAbxAb

Score
10/10
vidar1375discoverystealer

Malware Config

Extracted

Family

vidar

Version

53

Botnet

1375

C2

https://t.me/ch_inagroup

https://mastodon.social/@olegf9844e
Attributes
  • profile_id

    1375

Targets

    • Target

      Loader.bin

    • Size

      2.5MB

    • MD5

      401440d84425fb4c73973fd755ebe95c

    • SHA1

      cbf8069239707461df8daf5a6e1d0813a3b90532

    • SHA256

      831539db1b0f991c89177257a6d70c69e2cf6594526fadec1ec2b2273e0c48cd

    • SHA512

      a702b401880b8bf856a93808f9503531475f1b2732299bd28c4b003a1520dbdde1ec5a8df1e9b2eba41a7770b74afbfec3d151e3d09a6077a00230a6e85173a7

    • SSDEEP

      24576:VnY3YLYK4QklMoxHl3ncv5gSSucJoVXXRKSZEuKQhN/UL5Lw+cwsl3RuQ55313U:VncKRgSNXRDsQhN/UL5M+ql3u

    Score
    10/10
    vidar1375discoverystealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Vidar family

      vidar

    • Vidar Stealer

      stealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks