Resubmissions

  • 15-02-2025 17:48  250215-wdrvdswkfp  10
  • 15-02-2025 17:45  250215-wbsnxawnav  10
  • 14-02-2025 17:46  250214-wcq7gawkgz  10
  • 06-02-2025 16:53  250206-vec7yssnfk  10

General

  • Target: SidMeiersCivilizationVII.zip
  • Size: 5.8MB
  • Sample: 250215-wbsnxawnav
  • MD5: d84b0909926f1ae80215205ce8e9dcaa
  • SHA1: 4c8bcba9c2c3568e1c3e4a42c8d698eabbd16c1a
  • SHA256: f3905d96e06b535e4b58082209a4fe220eab15a817039da2eddb648b5a20a75e
  • SHA512: 3a124b6e36689024d217df1f79cbc68e1dc8c793441f51dc40f39f5e3a9fa3e9626c5392532b2e2d22fbcba09131dfcd11c59e17fde6956bb08a7134d0d193c2
  • SSDEEP: 98304:tGO29oJD1+wov+AXvaYc5dIDZpkJBBM2Ib6w3eWXVY1Xp5frCKpR+cG:tE9ofvs+PYciG+2mvJUrfFpR0

Score
10/10

Malware Config

Extracted

  • Family: vidar
  • C2:
    https://t.me/cruadsummar
    https://t.me/pullmeundervosk2

Targets

  • Target: Sid Meier's Civilization VII.exe
  • Size: 683.9MB
  • MD5: 3f40339bdf295a6f099dd097433c51c2
  • SHA1: 54cbfa3105a4fb6c59d699083edad98b706bbad0
  • SHA256: 48318511e386734e3540bf6898631d97a52ff3428dfb5eea001c218a133ca4ac
  • SHA512: 88d08f9a59b922e34d24e1068debc37ff743585c3d8267c539d189b81d255e5fc6cae5ac27075a20719616623975d033ce425b153b9df5a8359698adff99273e
  • SSDEEP: 98304:loE8pTFYNxOkXbP9RezM6XDkOt+tH8MQ/sksDYAFpU0jyak4/JjCc1:lhSGV63sNDV40fjC0
  • Score: 10/10

  • Detect Vidar Stealer
  • Vidar: Vidar is an infostealer based on Arkei stealer.
  • Vidar family
  • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks