vidar | 43de6b1c289cd8ba1d2889346359b521990ca38f69b1961034000dab3c4104e1 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

43de6b1c289cd8ba1d2889346359b521990ca38f69b1961034000dab3c4104e1
Size

770KB
Sample

211011-nfry6shaa7
MD5

1ca9583e6f4524151c23b0baa273d9ff
SHA1

ad39613a3e42aa165931dda8b9c3832e2e7184c8
SHA256

43de6b1c289cd8ba1d2889346359b521990ca38f69b1961034000dab3c4104e1
SHA512

ed762bfbd39dfc5110389818c3f99ca753072f11d8fef749e848f5cc9535fa010ba6eb9b788b5b358241e8ef7b1b77bbfb8ada10b5c83771bd7a9cc03199c1ba

Score

10^/10

vidar 1008 stealer

Static task

static1

Behavioral task

behavioral1

Sample

43de6b1c289cd8ba1d2889346359b521990ca38f69b1961034000dab3c4104e1.exe

Resource

win10-en-20210920

vidar 1008 stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

vidar

Version

41.2

Botnet

1008

C2

https://mas.to/@serg4325

Attributes

profile_id
1008

Targets

- Target
  
  43de6b1c289cd8ba1d2889346359b521990ca38f69b1961034000dab3c4104e1
- Size
  
  770KB
- MD5
  
  1ca9583e6f4524151c23b0baa273d9ff
- SHA1
  
  ad39613a3e42aa165931dda8b9c3832e2e7184c8
- SHA256
  
  43de6b1c289cd8ba1d2889346359b521990ca38f69b1961034000dab3c4104e1
- SHA512
  
  ed762bfbd39dfc5110389818c3f99ca753072f11d8fef749e848f5cc9535fa010ba6eb9b788b5b358241e8ef7b1b77bbfb8ada10b5c83771bd7a9cc03199c1ba
Score

10^/10

vidar 1008 stealer
- Suspicious use of NtCreateProcessExOtherParentProcess
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

vidar1008stealer

© 2018-2024

Terms | Privacy