General

Target: a4f3087f89af24b64d19b6749fdea4ae5ccfcae86752f51658bbc7abd8908103
Size: 743KB
Sample: 211015-ddal1aaeb4
Score: 10/10
MD5: ce0f61253d125b971782d47d24efa633
SHA1: af25de6dee3531c2e1435ad088fee82fdf0310d1
SHA256: a4f3087f89af24b64d19b6749fdea4ae5ccfcae86752f51658bbc7abd8908103
SHA512: 8c55950e66f3a687584d3f324bbd0ceea63b46d01fce0cd107a1c41ee6527f7f7bd8ab7d084b80111062497a95623b91cbb7470422a77deb8f2427fbf594a24b

Malware Config

Extracted
Family: vidar
Version: 41.3
Botnet: 1008
C2: https://mas.to/@oleg98

Attributes
profile_id: 1008
Targets

Target: a4f3087f89af24b64d19b6749fdea4ae5ccfcae86752f51658bbc7abd8908103
MD5: ce0f61253d125b971782d47d24efa633
Filesize: 743KB
Score: 10/10
SHA1: af25de6dee3531c2e1435ad088fee82fdf0310d1
SHA256: a4f3087f89af24b64d19b6749fdea4ae5ccfcae86752f51658bbc7abd8908103
SHA512: 8c55950e66f3a687584d3f324bbd0ceea63b46d01fce0cd107a1c41ee6527f7f7bd8ab7d084b80111062497a95623b91cbb7470422a77deb8f2427fbf594a24b
Signatures

  • Vidar
    Description: Vidar is an infostealer based on Arkei stealer.

  • Vidar Stealer

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Reads user/profile data of web browsers
    Description: Infostealers often target stored browser data, which can include saved credentials etc.
    TTPs: Data from Local System; Credentials in Files

  • Accesses 2FA software files, possible credential harvesting
    TTPs: Data from Local System; Credentials in Files

  • Accesses cryptocurrency files/wallets, possible credential harvesting
    TTPs: Data from Local System; Credentials in Files

  • Checks installed software on the system
    Description: Looks up Uninstall key entries in the registry to enumerate software on the system.
    TTPs: Query Registry

MITRE ATT&CK Matrix
Tactic columns: Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1
Score: N/A

behavioral1
Score: 10/10