vidar | b1f2df830afc2d093231721d2f527eefba2cc63beffc5437f743a085164edf7b | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

b1f2df830afc2d093231721d2f527eefba2cc63beffc5437f743a085164edf7b
Size

658KB
Sample

210921-nfyrqahch8
MD5

a991f09cce55b0585517601ebea75e58
SHA1

472c6ebe46d924f37ee0a1f3ce258e4abc795cab
SHA256

b1f2df830afc2d093231721d2f527eefba2cc63beffc5437f743a085164edf7b
SHA512

c0b8be847268f29dcd29adc4dad3b3e853b1b45243dd535bbc3015e994074b3832aee735a756680267ba088ce94f6c06f6c38420288722d0cedbbfd878ad4a1f

Score

10^/10

vidar 828 stealer

Static task

static1

Behavioral task

behavioral1

Sample

b1f2df830afc2d093231721d2f527eefba2cc63beffc5437f743a085164edf7b.exe

Resource

win10-en-20210920

vidar 828 stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

vidar

Version

40.8

Botnet

828

C2

https://pavlovoler.tumblr.com/

Attributes

profile_id
828

Targets

- Target
  
  b1f2df830afc2d093231721d2f527eefba2cc63beffc5437f743a085164edf7b
- Size
  
  658KB
- MD5
  
  a991f09cce55b0585517601ebea75e58
- SHA1
  
  472c6ebe46d924f37ee0a1f3ce258e4abc795cab
- SHA256
  
  b1f2df830afc2d093231721d2f527eefba2cc63beffc5437f743a085164edf7b
- SHA512
  
  c0b8be847268f29dcd29adc4dad3b3e853b1b45243dd535bbc3015e994074b3832aee735a756680267ba088ce94f6c06f6c38420288722d0cedbbfd878ad4a1f
Score

10^/10

vidar 828 stealer
- Suspicious use of NtCreateProcessExOtherParentProcess
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vidar828stealer

© 2018-2024

Terms | Privacy