vidar | 51ffa97c666a44c732f20bbb7c62f48e7f01e1e16fc381078d19fdda95894970 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

51ffa97c666a44c732f20bbb7c62f48e7f01e1e16fc381078d19fdda95894970
Size

273KB
Sample

211107-yyjevsahh7
MD5

91d4d9e326c8fc248005b8d1ab6ce48b
SHA1

9c786f375c1a4a5cdfd6c190cef4941c2be62786
SHA256

51ffa97c666a44c732f20bbb7c62f48e7f01e1e16fc381078d19fdda95894970
SHA512

09e556afdd978599d57cebec57ffd7569fc0d3ee4d5180398706a31566a86c11249a867781bf00c5168ac6a9b233e1d6e353d91324813a9af49c83b025c329e7

Score

10^/10

vidar 399 spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

51ffa97c666a44c732f20bbb7c62f48e7f01e1e16fc381078d19fdda95894970.exe

Resource

win10-en-20211014

vidar 399 spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

vidar

Version

47.9

Botnet

399

C2

https://mas.to/@kirpich

Attributes

profile_id
399

Targets

- Target
  
  51ffa97c666a44c732f20bbb7c62f48e7f01e1e16fc381078d19fdda95894970
- Size
  
  273KB
- MD5
  
  91d4d9e326c8fc248005b8d1ab6ce48b
- SHA1
  
  9c786f375c1a4a5cdfd6c190cef4941c2be62786
- SHA256
  
  51ffa97c666a44c732f20bbb7c62f48e7f01e1e16fc381078d19fdda95894970
- SHA512
  
  09e556afdd978599d57cebec57ffd7569fc0d3ee4d5180398706a31566a86c11249a867781bf00c5168ac6a9b233e1d6e353d91324813a9af49c83b025c329e7
Score

10^/10

vidar 399 spyware stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Remote System Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

vidar399spywarestealer

© 2018-2024

Terms | Privacy