vidar | 5b2fce91cda0fa71818a683c57c88eb1533b70bcfb5e82b312757b3015d69801 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

5b2fce91cda0fa71818a683c57c88eb1533b70bcfb5e82b312757b3015d69801
Size

1.5MB
Sample

210923-phxg4seccl
MD5

43ecb980e6e1db8f394af5b6d065eba6
SHA1

36e05d72b5a9efd3e5283d46fb42f0d6204f2ed3
SHA256

5b2fce91cda0fa71818a683c57c88eb1533b70bcfb5e82b312757b3015d69801
SHA512

34062ccbb04992ee177cade1e218b608573fa9c2f0a073960aec3ea34b7140707127829f123fb3af7d7fd1448fc4d2a5958f9bf31833bf7047ff3d3271ecd04b

Score

10^/10

vidar 1013 spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

5b2fce91cda0fa71818a683c57c88eb1533b70bcfb5e82b312757b3015d69801.exe

Resource

win10v20210408

vidar 1013 spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

vidar

Version

41

Botnet

1013

C2

https://mas.to/@killern0

Attributes

profile_id
1013

Targets

- Target
  
  5b2fce91cda0fa71818a683c57c88eb1533b70bcfb5e82b312757b3015d69801
- Size
  
  1.5MB
- MD5
  
  43ecb980e6e1db8f394af5b6d065eba6
- SHA1
  
  36e05d72b5a9efd3e5283d46fb42f0d6204f2ed3
- SHA256
  
  5b2fce91cda0fa71818a683c57c88eb1533b70bcfb5e82b312757b3015d69801
- SHA512
  
  34062ccbb04992ee177cade1e218b608573fa9c2f0a073960aec3ea34b7140707127829f123fb3af7d7fd1448fc4d2a5958f9bf31833bf7047ff3d3271ecd04b
Score

10^/10

vidar 1013 spyware stealer
- Suspicious use of NtCreateProcessExOtherParentProcess
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vidar1013spywarestealer

© 2018-2024

Terms | Privacy