vidar | 48b4ef89802d527d97224135d03dc0080d24f16c89de5aef5f85067f5a61017a | Triage

Submit
Reports

Overview

overview

Static

static

eufive_202...41.exe

windows7_x64

eufive_202...41.exe

windows10_x64

Sharing

General

Target

eufive_20211107-195241
Size

726KB
Sample

211107-1h9cfsbad8
MD5

9c34c9d1794c171aa684d36922372938
SHA1

af5531df5bf9d8595362faf1adfed5ef7e0d1eb7
SHA256

48b4ef89802d527d97224135d03dc0080d24f16c89de5aef5f85067f5a61017a
SHA512

5d5260536cd2a70f536456413cac1392b916da502f2c83cde31f663b979976ea1a4c85dfb7511cb148e4bb86ac4c6a120d367f3df43c9a47a9e08fde32c35311

Score

10^/10

vidar 824 stealer

Static task

static1

Behavioral task

behavioral1

Sample

eufive_20211107-195241.exe

Resource

win7-en-20211014

vidar 824 stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

eufive_20211107-195241.exe

Resource

win10-en-20211104

vidar 824 stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

vidar

Version

47.9

Botnet

824

Attributes

profile_id
824

Targets

- Target
  
  eufive_20211107-195241
- Size
  
  726KB
- MD5
  
  9c34c9d1794c171aa684d36922372938
- SHA1
  
  af5531df5bf9d8595362faf1adfed5ef7e0d1eb7
- SHA256
  
  48b4ef89802d527d97224135d03dc0080d24f16c89de5aef5f85067f5a61017a
- SHA512
  
  5d5260536cd2a70f536456413cac1392b916da502f2c83cde31f663b979976ea1a4c85dfb7511cb148e4bb86ac4c6a120d367f3df43c9a47a9e08fde32c35311
Score

10^/10

vidar 824 stealer
- Suspicious use of NtCreateProcessExOtherParentProcess
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

vidar824stealer

behavioral2

vidar824stealer

© 2018-2024

Terms | Privacy