Overview

overview

10

Static

static

3

2025-01-22...ch.exe

windows7-x64

10

2025-01-22...ch.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-22_6e117e7146c50b28fcd418b5a05794e7_frostygoop_poet-rat_snatch

  • Size

    7.5MB

  • Sample

    250122-w8ajlazpfk

  • MD5

    6e117e7146c50b28fcd418b5a05794e7

  • SHA1

    06507fee4e24b080245b19d135c47f36760b65aa

  • SHA256

    ed7521d14f5ab997a03b696c947890ab3e37a471839ac307660b5aaa71271187

  • SHA512

    13764546a0e5b13b4714e66f0a75b9afe996ce89b751b1b108ec215798341d81c4907f493d83d297d5f9545eeb30197ad778313f0dce533feb7a69c3d93140e8

  • SSDEEP

    98304:IqQQR1e4hd0WcPU/6xlwQBVqd7eFHgGfx/DoodfJ:rJIo/2lF/qd7eFA4ZJ

Score
10/10
vidardiscoverystealer

Malware Config

Extracted

Family

vidar

C2

https://t.me/sc1phell

https://steamcommunity.com/profiles/76561199819539662
Attributes
  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:136.0) Gecko/20100101 Firefox/136.0

Targets

    • Target

      2025-01-22_6e117e7146c50b28fcd418b5a05794e7_frostygoop_poet-rat_snatch

    • Size

      7.5MB

    • MD5

      6e117e7146c50b28fcd418b5a05794e7

    • SHA1

      06507fee4e24b080245b19d135c47f36760b65aa

    • SHA256

      ed7521d14f5ab997a03b696c947890ab3e37a471839ac307660b5aaa71271187

    • SHA512

      13764546a0e5b13b4714e66f0a75b9afe996ce89b751b1b108ec215798341d81c4907f493d83d297d5f9545eeb30197ad778313f0dce533feb7a69c3d93140e8

    • SSDEEP

      98304:IqQQR1e4hd0WcPU/6xlwQBVqd7eFHgGfx/DoodfJ:rJIo/2lF/qd7eFA4ZJ

    Score
    10/10
    vidardiscoverystealer

    • Detect Vidar Stealer

      stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Vidar family

      vidar

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks