vidar | 26285efdd77665c7dd35aa0450f77214644ebb80fb284e071e67f728881c8983 | Triage

Submit
Reports

Overview

overview

Static

static

1e981e240c...5f.exe

windows7_x64

1e981e240c...5f.exe

windows10_x64

Sharing

General

Target

1e981e240cc21580c970db894934da5f.exe
Size

800KB
Sample

210804-bjczhtbz5x
MD5

1e981e240cc21580c970db894934da5f
SHA1

24bc2e53f10324268b5ba1542568d9e998a1052b
SHA256

26285efdd77665c7dd35aa0450f77214644ebb80fb284e071e67f728881c8983
SHA512

24c9968c7fbe3f341801e723be26dc083939238a94234374e1eb7821360119e6c8efdcd481ab68de2007fcae1a39b897f4b1198cc43a965577a0982272413844

Score

10^/10

vidar 921 spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

1e981e240cc21580c970db894934da5f.exe

Resource

win7v20210408

vidar 921 stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

1e981e240cc21580c970db894934da5f.exe

Resource

win10v20210410

vidar 921 spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

vidar

Version

39.9

Botnet

921

C2

https://prophefliloc.tumblr.com/

Attributes

profile_id
921

Targets

- Target
  
  1e981e240cc21580c970db894934da5f.exe
- Size
  
  800KB
- MD5
  
  1e981e240cc21580c970db894934da5f
- SHA1
  
  24bc2e53f10324268b5ba1542568d9e998a1052b
- SHA256
  
  26285efdd77665c7dd35aa0450f77214644ebb80fb284e071e67f728881c8983
- SHA512
  
  24c9968c7fbe3f341801e723be26dc083939238a94234374e1eb7821360119e6c8efdcd481ab68de2007fcae1a39b897f4b1198cc43a965577a0982272413844
Score

10^/10

vidar 921 stealer spyware
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vidar921stealer

behavioral2

vidar921spywarestealer

© 2018-2024

Terms | Privacy