Overview

overview

10

Static

static

3

2025-01-28...ch.exe

windows7-x64

10

2025-01-28...ch.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-28_60066903007439df4bd4ec4ca700c5fb_frostygoop_poet-rat_snatch

  • Size

    5.4MB

  • Sample

    250128-2ckycawmfr

  • MD5

    60066903007439df4bd4ec4ca700c5fb

  • SHA1

    287a32a9377a59bea3eead2815fee04ab763fab1

  • SHA256

    e2dfbb79b8a1b4804682fa19a8baa03e293aa3e1e8914c63a3b187c161af5473

  • SHA512

    53324711810c34ac34062fc2c20b3075d3e6bb4d4d84bfa871051192d840c93cd1d81247eb894087c76f9c5767eb04ad48ac72d1d67696245db336e8f1ed2ac9

  • SSDEEP

    49152:/rVH9wJ2mIN21UWc0rL9fo4kr0rJ9CqZ4wCaskewltaEe6UdZ8ZORD17:t9Fm22O0rW7r9wCK

Score
10/10
vidardiscoverystealer

Malware Config

Extracted

Family

vidar

C2

https://t.me/sc1phell

https://steamcommunity.com/profiles/76561199819539662
Attributes
  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:136.0) Gecko/20100101 Firefox/136.0

Targets

    • Target

      2025-01-28_60066903007439df4bd4ec4ca700c5fb_frostygoop_poet-rat_snatch

    • Size

      5.4MB

    • MD5

      60066903007439df4bd4ec4ca700c5fb

    • SHA1

      287a32a9377a59bea3eead2815fee04ab763fab1

    • SHA256

      e2dfbb79b8a1b4804682fa19a8baa03e293aa3e1e8914c63a3b187c161af5473

    • SHA512

      53324711810c34ac34062fc2c20b3075d3e6bb4d4d84bfa871051192d840c93cd1d81247eb894087c76f9c5767eb04ad48ac72d1d67696245db336e8f1ed2ac9

    • SSDEEP

      49152:/rVH9wJ2mIN21UWc0rL9fo4kr0rJ9CqZ4wCaskewltaEe6UdZ8ZORD17:t9Fm22O0rW7r9wCK

    Score
    10/10
    vidardiscoverystealer

    • Detect Vidar Stealer

      stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Vidar family

      vidar

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks