Overview

overview

10

Static

static

3

SecuriteIn...58.exe

windows7-x64

10

SecuriteIn...58.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Trojan.Inject5.16384.2170.8558.exe

  • Size

    6.4MB

  • Sample

    250209-svwccsvpal

  • MD5

    d41aed28538e53598c5ee0b61a7474fb

  • SHA1

    29a1d2fda339625e15739e193fffafe3a636f8b9

  • SHA256

    03f111a7553d3e698a07aea301f9be5d29bcde70513a1323283db3e2e4045d95

  • SHA512

    3eec7324c3c4091d5809b4dfcdece50172619a85c3e5405c7bd76701f69c38b8e80c1ae5a93cfc8fd3834c268776dca95ace24eabe8409eec061114fa79d12e3

  • SSDEEP

    49152:bDZuiC6tkhmcPaGJDVoAVlK+Cw3PKiRasKSjKOTmxECtWBR3xKIygAvKY7orrTKI:bNuinaYcPLZWA1PKE0f6K9v0KVio+

Score
10/10
vidarcredential_accessdiscoverystealer

Malware Config

Extracted

Family

vidar

C2

https://t.me/sok33tn

https://steamcommunity.com/profiles/76561199824159981
Attributes
  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:136.0) Gecko/20100101 Firefox/136.0

Targets

    • Target

      SecuriteInfo.com.Trojan.Inject5.16384.2170.8558.exe

    • Size

      6.4MB

    • MD5

      d41aed28538e53598c5ee0b61a7474fb

    • SHA1

      29a1d2fda339625e15739e193fffafe3a636f8b9

    • SHA256

      03f111a7553d3e698a07aea301f9be5d29bcde70513a1323283db3e2e4045d95

    • SHA512

      3eec7324c3c4091d5809b4dfcdece50172619a85c3e5405c7bd76701f69c38b8e80c1ae5a93cfc8fd3834c268776dca95ace24eabe8409eec061114fa79d12e3

    • SSDEEP

      49152:bDZuiC6tkhmcPaGJDVoAVlK+Cw3PKiRasKSjKOTmxECtWBR3xKIygAvKY7orrTKI:bNuinaYcPLZWA1PKE0f6K9v0KVio+

    Score
    10/10
    vidarcredential_accessdiscoverystealer

    • Detect Vidar Stealer

      stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Vidar family

      vidar

    • Downloads MZ/PE file

    • Uses browser remote debugging

      Can be used control the browser and steal sensitive information such as credentials and session cookies.

      credential_accessstealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks