vidar | d6e566d286fae051384f3789f262e4ba76b8e92a4937285bd94f9d031cf323b9 | Triage

Submit
Reports

Overview

overview

Static

static

asdfasdfas...df.exe

windows7_x64

asdfasdfas...df.exe

windows10_x64

Sharing

General

Target

asdfasdfasdfasdfasdfasdfasdfasdfasdf.exe
Size

1.7MB
Sample

211011-lyytbsggb5
MD5

2a600aaf4954388f5ad11abba8f8c351
SHA1

e5bbca4b4cb21862576dc1e214f82bc73804d9ce
SHA256

d6e566d286fae051384f3789f262e4ba76b8e92a4937285bd94f9d031cf323b9
SHA512

828b869d71fb4979d60122d0bae72db787ece2ebab66e5c99d26bc3c263ef378b37b562d72a6d50f74e749def1c61fa6813618734ac56100728b13d46e2aa693

Score

10^/10

vidar 921 stealer

Static task

static1

Behavioral task

behavioral1

Sample

asdfasdfasdfasdfasdfasdfasdfasdfasdf.exe

Resource

win7-en-20210920

vidar 921 stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

asdfasdfasdfasdfasdfasdfasdfasdfasdf.exe

Resource

win10v20210408

vidar 921 stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

vidar

Version

41.2

Botnet

921

C2

https://mas.to/@serg4325

Attributes

profile_id
921

Targets

- Target
  
  asdfasdfasdfasdfasdfasdfasdfasdfasdf.exe
- Size
  
  1.7MB
- MD5
  
  2a600aaf4954388f5ad11abba8f8c351
- SHA1
  
  e5bbca4b4cb21862576dc1e214f82bc73804d9ce
- SHA256
  
  d6e566d286fae051384f3789f262e4ba76b8e92a4937285bd94f9d031cf323b9
- SHA512
  
  828b869d71fb4979d60122d0bae72db787ece2ebab66e5c99d26bc3c263ef378b37b562d72a6d50f74e749def1c61fa6813618734ac56100728b13d46e2aa693
Score

10^/10

vidar 921 stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vidar921stealer

behavioral2

vidar921stealer

© 2018-2024

Terms | Privacy