Overview

overview

10

Static

static

1

Luna.exe

windows7-x64

3

Luna.exe

windows10-2004-x64

10

d3d9.dll

windows10-2004-x64

1

d3dx9_24.dll

windows7-x64

1

d3dx9_24.dll

windows10-2004-x64

1

vcruntime140_1.dll

windows7-x64

1

vcruntime140_1.dll

windows10-2004-x64

1

Resubmissions

02-02-2025 05:52

250202-gk9lfszpfm 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Luna.zip

  • Size

    4.8MB

  • Sample

    250202-gk9lfszpfm

  • MD5

    a25d93a90c12faba6336d6950335bf02

  • SHA1

    51c5516dc562c5004f4da342d20747ed8877f8f1

  • SHA256

    b782424ea7fc5ff7a800a63201e3c7dcba6addf794f94fdee90754514701c20d

  • SHA512

    9556edb15da58c4b57223d94c42592e3f82de0ed57c13255ab2f0e0f704e4a7940b3317e91e45017a40db8e051ca6b2fccfabff3c8be23890dc377a67b1ea104

  • SSDEEP

    98304:hBcsjfFvWFTyZXhfGpJhJ3A5eADXVATMZPBB9aTgmJTX6N+0Xh6lzi3r:/twy5NGpJhFA5nOwNBa1D6w0XhuzEr

Score
10/10
vidardiscoverystealer

Malware Config

Extracted

Family

vidar

C2

https://t.me/m08mbk

https://steamcommunity.com/profiles/76561199820567237
Attributes
  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:136.0) Gecko/20100101 Firefox/136.0

Targets

    • Target

      Luna.exe

    • Size

      3.7MB

    • MD5

      a425e9ae201f3aea1583f56c1194d0d1

    • SHA1

      e533d3fafedec17a344b1f0dca240854c9b67cbb

    • SHA256

      0db9e114fb628164f24fde65b37ab19e4db07e9a60f1a94c3111dd8e85feef94

    • SHA512

      d3b60dc84ae98c4589d31e54c2ac7de83527814cbf442d2211a6b77678d41ba05ae64b8fa39b8d525d0a5df46c510b9881ec944c92e1b82490fbb259e2303def

    • SSDEEP

      49152:+3iYNwJmVVyVfDeCO2sST0tnx8t/dSoV1Yer1nCYr093R+pQis++ELzl/KuBIYyI:+SYzV2O2sUmnoX1+Ri3s+p3y5zMPx

    Score
    10/10
    discoveryvidarstealer

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Vidar family

      vidar

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      d3d9.dll

    • Size

      1.8MB

    • MD5

      7b7447b345be7891c781915ffb1f4dce

    • SHA1

      891a05f75b952880136426f409435ece5d5b7a0c

    • SHA256

      91e0b91a628c32113dbffd820cbe219a55f54d68b4aedbdcc849c70ee3772223

    • SHA512

      8976d11781f610360b5c2aad70648107bdbdc1c99cd6a1c146162743312dea56f8a6b0ba35dc040c1a098369eac13a055c7a8157de8611d34b4e79d2c2b213e8

    • SSDEEP

      24576:1SwHWp3qWhlDzf6uNEQbaYv2KUYPMQlZh9OPXwBxNcBWgskrh8j/2L+qblg9nP:12p3qWjzf6uaYv25LKxH4skdL+qblg9

    Score
    1/10
    behavioral3

    • Target

      d3dx9_24.dll

    • Size

      3.4MB

    • MD5

      b165df72e13e6af74d47013504319921

    • SHA1

      c45b192cf8904b7579bbc26c799aa7ffa5cbb1d4

    • SHA256

      1ec422bd6421c741eef57847260967f215913649901e21dd9c46eb1b3bb10906

    • SHA512

      859b6cd538735e5cc1c44f63d66b25588ad1ad32202cae606ff95b8c4a80f6a66db9ef7c5d43820010de9334b8bbbfb079939ce89ba0b760f5d651d7fa8268ed

    • SSDEEP

      49152:oKcfEwqx3mAEXywKYlip1rq1UzMYdBf4Uhn6bZy4rW4uosdBxn7LFU:O8f3R4YN6SrhBpLFU

    Score
    1/10
    behavioral4behavioral5

    • Target

      vcruntime140_1.dll

    • Size

      48KB

    • MD5

      7e986e7469d9ab3b1138353418da1793

    • SHA1

      77903692aae688f6d5b04511d5006c66ce4daf8b

    • SHA256

      0e560532e721b6938dafe4055eedd0251ba5eb5994cd96937cebbcf16a7ddae5

    • SHA512

      6c8951ae9a0e329cf32eed8bf32bd83294e7a1cf7f16dd716cedbed4caf39e56e62c5f639091f9711922443ada7dbc61dffcace093211d70a85821f19883cbea

    • SSDEEP

      768:uzzO6ujT3MbR3vXCz6Sz2q83yvjdsrU9zcgElebe9zVFZ:rq/XU63Cjd9zcZebazDZ

    Score
    1/10
    behavioral6behavioral7

MITRE ATT&CK Enterprise v15

Tasks