General

Target: 50719557a8c2bc513ace058624c3d772f1c9624ee1e2efa2742a7300ad9d895c
Size: 724KB
Sample: 211015-tfzlxabbc7
Score: 10/10
MD5: bdd01199249ceeca52defde881008061
SHA1: 2873ef182e4f216e2959d9fba1d4f12b53f2d907
SHA256: 50719557a8c2bc513ace058624c3d772f1c9624ee1e2efa2742a7300ad9d895c
SHA512: e81738f7a9f2e21abd37201be7a849fc04c1aa64dba1eb493a83959e0fd84f9d9a8ceb2b9556f69fcd06a23709ed4d0ea81721c623a42c06ca79e45d766fb963

Malware Config

Extracted

Family: vidar
Version: 41.3
Botnet: 1008
C2: https://mas.to/@oleg98

Attributes
profile_id: 1008
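The C2 entry above is a Mastodon profile URL rather than a server address: Vidar uses such social-media profiles as dead-drop resolvers and keeps the real C2 address in the profile text. The following Python is an added example, not the sample's code or the sandbox's config extractor, of pulling that address out of a fetched profile page. Nothing is fetched here; the embedded HTML, its markup and the "http://host:port|" bio format are constructed assumptions for illustration.

```python
"""Pull a candidate C2 address out of a social-media profile page that is used
as a dead-drop resolver. Added example; not the sample's own code."""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed stand-in for a profile page. The live page behind the C2 URL in
# the config is NOT fetched; the markup and the "http://host:port|" bio format
# are assumptions made for this illustration.
SAMPLE_PROFILE_HTML = """<html><head><title>oleg98 (@oleg98@mas.to)</title></head>
<body>
<a href="https://mas.to/@oleg98">@oleg98</a>
<div class="bio"><p>http://203.0.113.45:80|</p></div>
<a href="https://mas.to/about">About</a>
</body></html>"""

# Absolute http(s) URL; stops at whitespace, quotes, angle brackets or '|'.
URL_RE = re.compile(r"https?://[^\s\"'<>|]+")


class _TextCollector(HTMLParser):
    """Collects the visible text nodes of an HTML document (not attributes)."""

    def __init__(self):
        super().__init__()
        self.chunks = []

    def handle_data(self, data):
        self.chunks.append(data)


def visible_text(html: str) -> str:
    """Return the text content of the page, one chunk per line."""
    parser = _TextCollector()
    parser.feed(html)
    return "\n".join(parser.chunks)


def resolve_dead_drop(html: str, platform_host: str = "mas.to") -> list[str]:
    """Return URLs found in the profile's visible text that do not point back
    at the hosting platform. Trailing '|' (assumed bio delimiter) and stray
    punctuation are stripped; anything that is not an absolute http(s) URL is
    ignored, so a profile with no embedded address yields an empty list."""
    found = []
    for match in URL_RE.finditer(visible_text(html)):
        url = match.group(0).rstrip("|.,;")
        host = urlparse(url).hostname or ""
        if host == platform_host or host.endswith("." + platform_host):
            continue  # link back into the platform itself, not the real C2
        if url not in found:
            found.append(url)
    return found


if __name__ == "__main__":
    print(resolve_dead_drop(SAMPLE_PROFILE_HTML))
```

Only visible text is scanned, so navigation links in `href` attributes never become candidates, and links into the platform's own domain are dropped; an empty result means the profile carried no address and should be treated as unresolved rather than as a benign profile.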
Targets

Target: 50719557a8c2bc513ace058624c3d772f1c9624ee1e2efa2742a7300ad9d895c
MD5: bdd01199249ceeca52defde881008061
Filesize: 724KB
Score: 10/10
SHA1: 2873ef182e4f216e2959d9fba1d4f12b53f2d907
SHA256: 50719557a8c2bc513ace058624c3d772f1c9624ee1e2efa2742a7300ad9d895c
SHA512: e81738f7a9f2e21abd37201be7a849fc04c1aa64dba1eb493a83959e0fd84f9d9a8ceb2b9556f69fcd06a23709ed4d0ea81721c623a42c06ca79e45d766fb963
Signatures

  • Vidar
    Description: Vidar is an infostealer based on Arkei stealer.

  • Vidar Stealer

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Reads user/profile data of web browsers
    Description: Infostealers often target stored browser profile data, which can include saved credentials, cookies and autofill entries.
    TTPs: Data from Local System (T1005), Credentials in Files (T1552.001)

  • Accesses 2FA software files, possible credential harvesting
    TTPs: Data from Local System (T1005), Credentials in Files (T1552.001)

  • Accesses cryptocurrency files/wallets, possible credential harvesting
    TTPs: Data from Local System (T1005), Credentials in Files (T1552.001)

  • Checks installed software on the system
    Description: Looks up Uninstall key entries in the registry (HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate software on the system.
    TTPs: Query Registry (T1012)
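As an added example, not code from the report or the sandbox, the following Python replays a handful of constructed file and registry events against the signatures above and maps each hit to the ATT&CK techniques listed for it. The path patterns are an illustrative subset of what a stealer touches, and the Authy Desktop path is an assumed 2FA target rather than something the report states.

```python
"""Replay sandbox file/registry events against the signatures on this page.
Added example; the events are constructed, not taken from the report."""
import re
from collections import defaultdict

# Signature name -> (ATT&CK techniques as given on the page, path patterns).
# Patterns are case-insensitive regexes over the accessed path or registry key
# and are an illustrative subset, not the sandbox's actual rule set.
SIGNATURES = {
    "Reads user/profile data of web browsers": (
        ["T1005 Data from Local System", "T1552.001 Credentials in Files"],
        [r"\\(Login Data|Web Data|Cookies)$", r"\\(logins\.json|key4\.db)$"],
    ),
    "Accesses 2FA software files": (
        ["T1005 Data from Local System", "T1552.001 Credentials in Files"],
        [r"\\Authy Desktop\\Local Storage\\"],  # assumed 2FA target, for illustration
    ),
    "Accesses cryptocurrency files/wallets": (
        ["T1005 Data from Local System", "T1552.001 Credentials in Files"],
        [r"\\wallet\.dat$", r"\\Electrum\\wallets\\",
         r"\\Exodus\\exodus\.wallet\\", r"\\Ethereum\\keystore\\"],
    ),
    "Checks installed software on the system": (
        ["T1012 Query Registry"],
        [r"\\Software\\(WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)"],
    ),
}

# Constructed sandbox events in the shape (operation, target path or key).
SAMPLE_EVENTS = [
    ("file_read", r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    ("file_read", r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\abc.default\logins.json"),
    ("file_read", r"C:\Users\victim\AppData\Roaming\Authy Desktop\Local Storage\leveldb\000003.log"),
    ("file_read", r"C:\Users\victim\AppData\Roaming\Exodus\exodus.wallet\seed.seco"),
    ("reg_query", r"HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"),
    ("reg_query", r"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++"),
    ("file_read", r"C:\Windows\System32\kernel32.dll"),  # benign noise, must not match
]

_COMPILED = {
    name: (ttps, [re.compile(p, re.IGNORECASE) for p in pats])
    for name, (ttps, pats) in SIGNATURES.items()
}


def match_events(events):
    """Return {signature: [matching targets]} for every event that hits a rule.
    Events that match nothing (the kernel32.dll read above) are simply dropped."""
    hits = defaultdict(list)
    for _op, target in events:
        for name, (_ttps, pats) in _COMPILED.items():
            if any(p.search(target) for p in pats):
                hits[name].append(target)
    return dict(hits)


def techniques_for(hits):
    """Collapse the matched signatures into a sorted, de-duplicated list of
    ATT&CK techniques, the same mapping the page attaches to each signature."""
    out = set()
    for name in hits:
        out.update(_COMPILED[name][0])
    return sorted(out)


if __name__ == "__main__":
    matched = match_events(SAMPLE_EVENTS)
    for sig, targets in matched.items():
        print(sig)
        for t in targets:
            print("   ", t)
    print(techniques_for(matched))
```

A single credential-store read is weak evidence on its own (backup agents and browsers touch these files too); the stronger signal is the combination the page records, where browser, 2FA and wallet paths are all read by one process that also walks the Uninstall key.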

MITRE ATT&CK Matrix

Tactic columns: Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1: Score N/A
behavioral1: Score 10/10