Overview

overview

10

Static

static

3

2024-12-25...ch.exe

windows7-x64

1

2024-12-25...ch.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-25_b9f9c8e89f6b320ea6902a9134c2e08b_frostygoop_poet-rat_snatch

  • Size

    13.0MB

  • Sample

    241225-1kkf4symgw

  • MD5

    b9f9c8e89f6b320ea6902a9134c2e08b

  • SHA1

    8e826bb7842def06b4882f904529e651ce2163e3

  • SHA256

    516d15f9154a2c096effe0797ddef98d44bc1b7e8469880cfbada34ca812acd9

  • SHA512

    e96addc4e7197e43119c4dc3fb79831ab4440a69cdca260b372304957082e080e71763e56aed638e8ce20115ae80c43ec2456fe3b4fe00a971417f433155fc1e

  • SSDEEP

    49152:OZN6W2fQrQOVlMmtSUmUCAI/sysIDuEjj6fk2UucKP9dQb:c6WDRKLUCZ2UucKFm

Score
10/10
vidarcredential_accessdiscoverystealer

Malware Config

Targets

    • Target

      2024-12-25_b9f9c8e89f6b320ea6902a9134c2e08b_frostygoop_poet-rat_snatch

    • Size

      13.0MB

    • MD5

      b9f9c8e89f6b320ea6902a9134c2e08b

    • SHA1

      8e826bb7842def06b4882f904529e651ce2163e3

    • SHA256

      516d15f9154a2c096effe0797ddef98d44bc1b7e8469880cfbada34ca812acd9

    • SHA512

      e96addc4e7197e43119c4dc3fb79831ab4440a69cdca260b372304957082e080e71763e56aed638e8ce20115ae80c43ec2456fe3b4fe00a971417f433155fc1e

    • SSDEEP

      49152:OZN6W2fQrQOVlMmtSUmUCAI/sysIDuEjj6fk2UucKP9dQb:c6WDRKLUCZ2UucKFm

    Score
    10/10
    vidarcredential_accessdiscoverystealer

    • Detect Vidar Stealer

      stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Vidar family

      vidar

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

      credential_accessstealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks