Overview

overview

10

Static

static

3

JaffaCakes...2d.exe

windows7-x64

10

JaffaCakes...2d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_f7483493436d191fad924e8c67eea781d560ab45c907ed1a3f5519fcf691a02d

  • Size

    687.3MB

  • Sample

    241224-n8dbgswrbw

  • MD5

    b3d14cf78cd85ef90653e09929cf5383

  • SHA1

    99c1c6db53ce7ac28bfa7160c81c9665f729126f

  • SHA256

    f7483493436d191fad924e8c67eea781d560ab45c907ed1a3f5519fcf691a02d

  • SHA512

    6ff084b849a8607d347ed89db95142a94c4f7e1ccac07fe8d6ed3134089ef105871beb9d5b568b7c583ee50c35f4cb8af85ee04ea9f06eca15b2d88ab52ba32f

  • SSDEEP

    12288:ra6p+vUZzqE4nw1JnAW3CFNyv4kixmjIxYBd2UE5wdDLmtt:ra6p+v2zqE4nw1kXyvfvmOd22dDStt

Score
10/10
vidar713discoverystealer

Malware Config

Extracted

Family

vidar

Version

2.2

Botnet

713

C2

https://t.me/litlebey

https://steamcommunity.com/profiles/76561199472399815

http://157.90.148.112:80
Attributes
  • profile_id

    713

Targets

    • Target

      JaffaCakes118_f7483493436d191fad924e8c67eea781d560ab45c907ed1a3f5519fcf691a02d

    • Size

      687.3MB

    • MD5

      b3d14cf78cd85ef90653e09929cf5383

    • SHA1

      99c1c6db53ce7ac28bfa7160c81c9665f729126f

    • SHA256

      f7483493436d191fad924e8c67eea781d560ab45c907ed1a3f5519fcf691a02d

    • SHA512

      6ff084b849a8607d347ed89db95142a94c4f7e1ccac07fe8d6ed3134089ef105871beb9d5b568b7c583ee50c35f4cb8af85ee04ea9f06eca15b2d88ab52ba32f

    • SSDEEP

      12288:ra6p+vUZzqE4nw1JnAW3CFNyv4kixmjIxYBd2UE5wdDLmtt:ra6p+v2zqE4nw1kXyvfvmOd22dDStt

    Score
    10/10
    vidar713discoverystealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Vidar family

      vidar

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks