vidar | eb8d70a5b5bb137eaa65d40f8d504a6f187ec9d6d0050b4ff2aa9382d53895f9 | Triage

Submit
Reports

Overview

overview

Static

static

0a30aa0d19...86.exe

windows7_x64

0a30aa0d19...86.exe

windows10_x64

Sharing

General

Target

0a30aa0d19ec0bfc921e976c42d1b186.exe
Size

772KB
Sample

211011-tmev3shfd3
MD5

0a30aa0d19ec0bfc921e976c42d1b186
SHA1

bc35f999032a9c6827952b938f72b4dbdd41d0cf
SHA256

eb8d70a5b5bb137eaa65d40f8d504a6f187ec9d6d0050b4ff2aa9382d53895f9
SHA512

14cf2d200ca675c76c48964eaa0c20c7123520359d663e9a5c18d8f162dac36afa471aeced2eac89753b0a4c60cdfd8877997753826745a9a1c3fc2a0ae6b97d

Score

10^/10

vidar 1008 stealer

Static task

static1

Behavioral task

behavioral1

Sample

0a30aa0d19ec0bfc921e976c42d1b186.exe

Resource

win7-en-20210920

vidar 1008 stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0a30aa0d19ec0bfc921e976c42d1b186.exe

Resource

win10v20210408

vidar 1008 stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

vidar

Version

41.2

Botnet

1008

C2

https://mas.to/@serg4325

Attributes

profile_id
1008

Targets

- Target
  
  0a30aa0d19ec0bfc921e976c42d1b186.exe
- Size
  
  772KB
- MD5
  
  0a30aa0d19ec0bfc921e976c42d1b186
- SHA1
  
  bc35f999032a9c6827952b938f72b4dbdd41d0cf
- SHA256
  
  eb8d70a5b5bb137eaa65d40f8d504a6f187ec9d6d0050b4ff2aa9382d53895f9
- SHA512
  
  14cf2d200ca675c76c48964eaa0c20c7123520359d663e9a5c18d8f162dac36afa471aeced2eac89753b0a4c60cdfd8877997753826745a9a1c3fc2a0ae6b97d
Score

10^/10

vidar 1008 stealer
- Suspicious use of NtCreateProcessExOtherParentProcess
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

vidar1008stealer

behavioral2

vidar1008stealer

© 2018-2024

Terms | Privacy