f69a9cd55b6d88040a40f092ae962eccad79c773afb156eeec5919fd11ca7174

Target

Size

772KB

Sample

220215-favh4sagg7

Score

10 ^/10

MD5

9e8388274066861ecf159c212e153ec1

SHA1

6ba52b3cca249625bce6de2fdf98002b7f476cde

SHA256

f69a9cd55b6d88040a40f092ae962eccad79c773afb156eeec5919fd11ca7174

SHA512

33a2a84cde6543aa464f4439d7db57e7debe6c87b7537b2b349da843b015b99cbd1d5dc70b347a6e8fcfa000652669cabc2e539748a5e127fdea72673915618c

Extracted

Family	vidar
Version	47.9
Botnet	937
C2	https://mas.to/@kirpich https://mas.to/@kirpich
Attributes	profile_id 937

Target

f69a9cd55b6d88040a40f092ae962eccad79c773afb156eeec5919fd11ca7174

MD5

9e8388274066861ecf159c212e153ec1

Filesize

772KB

Score

10^/10

SHA1

6ba52b3cca249625bce6de2fdf98002b7f476cde

SHA256

f69a9cd55b6d88040a40f092ae962eccad79c773afb156eeec5919fd11ca7174

SHA512

33a2a84cde6543aa464f4439d7db57e7debe6c87b7537b2b349da843b015b99cbd1d5dc70b347a6e8fcfa000652669cabc2e539748a5e127fdea72673915618c

Signatures

Suspicious use of NtCreateProcessExOtherParentProcess
Vidar
Description

Vidar is an infostealer based on Arkei stealer.
Tags

stealer vidar
Vidar Stealer
Tags

stealer

Related Tasks

behavioral1 behavioral2

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

behavioral1

vidar 937 stealer

10^/10

behavioral2

vidar 937 stealer

10^/10

Extracted

Tags

Signatures

Suspicious use of NtCreateProcessExOtherParentProcess

Vidar

Description

Tags

Vidar Stealer

Tags

Related Tasks

static1

behavioral1

behavioral2