f69a9cd55b6d88040a40f092ae962eccad79c773afb156eeec5919fd11ca7174

General

Target: f69a9cd55b6d88040a40f092ae962eccad79c773afb156eeec5919fd11ca7174
Size: 772KB
Sample: 220215-favh4sagg7
Score: 10/10
MD5: 9e8388274066861ecf159c212e153ec1
SHA1: 6ba52b3cca249625bce6de2fdf98002b7f476cde
SHA256: f69a9cd55b6d88040a40f092ae962eccad79c773afb156eeec5919fd11ca7174
SHA512: 33a2a84cde6543aa464f4439d7db57e7debe6c87b7537b2b349da843b015b99cbd1d5dc70b347a6e8fcfa000652669cabc2e539748a5e127fdea72673915618c

Malware Config

Extracted

Family: vidar
Version: 47.9
Botnet: 937
C2: https://mas.to/@kirpich

Attributes

profile_id: 937
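The extracted configuration above reduces to four file hashes and one URL. As an added example, not part of the sandbox report, the Python below turns those indicators into a small offline IOC check: it hashes a file once for all four algorithms, reports which of the report's hashes match, and scans proxy-log lines for requests to the C2 URL. One caveat a practitioner should keep in mind: the listed C2 is a profile on mas.to, a public Mastodon instance. Vidar builds of this generation read their real C2 address from such a profile page (a dead-drop resolver), so the indicator worth matching is the profile path, not the mas.to domain, which legitimate users also visit. The proxy-log format, timestamps and client addresses in the sample lines are constructed assumptions, not data from the analysis.

```python
import hashlib
from urllib.parse import urlsplit

# Indicators copied from the report (sample 220215-favh4sagg7, Vidar 47.9, botnet 937).
SAMPLE_HASHES = {
    "md5": "9e8388274066861ecf159c212e153ec1",
    "sha1": "6ba52b3cca249625bce6de2fdf98002b7f476cde",
    "sha256": "f69a9cd55b6d88040a40f092ae962eccad79c773afb156eeec5919fd11ca7174",
    "sha512": "33a2a84cde6543aa464f4439d7db57e7debe6c87b7537b2b349da843b015b99cb"
              "d1d5dc70b347a6e8fcfa000652669cabc2e539748a5e127fdea72673915618c",
}
# Dead-drop profile from the extracted config; the host alone is not an indicator.
C2_PROFILE_URL = "https://mas.to/@kirpich"


def digest_bytes(data: bytes) -> dict:
    """Compute the four digests the report lists, as lower-case hex."""
    return {name: hashlib.new(name, data).hexdigest() for name in SAMPLE_HASHES}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all four hash objects in a single read pass."""
    hashers = {name: hashlib.new(name) for name in SAMPLE_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matching_algorithms(digests: dict) -> list:
    """Return the report hashes a digest set matches, sorted by algorithm name.

    A sha256 or sha512 match identifies the sample; treat an md5-only
    match as a lead to confirm, since MD5 collisions are cheap to produce.
    """
    return sorted(name for name, value in digests.items()
                  if SAMPLE_HASHES.get(name) == value.lower())


def is_c2_profile(url: str) -> bool:
    """True when a URL points at the dead-drop profile (or a page under it).

    Matches on scheme + host + path so ordinary mas.to traffic does not alert.
    """
    ref = urlsplit(C2_PROFILE_URL)
    got = urlsplit(url.strip())
    path = got.path.rstrip("/")
    return (got.scheme in ("http", "https")
            and got.netloc.lower() == ref.netloc
            and (path == ref.path or path.startswith(ref.path + "/")))


def scan_proxy_log(lines) -> list:
    """Return (client_ip, url) for each request that hits the dead-drop profile.

    Assumed (constructed) log layout: '<timestamp> <client_ip> <method> <url> <status>'.
    """
    hits = []
    for line in lines:
        parts = line.split()
        if len(parts) < 5:
            continue  # malformed or truncated line: skip rather than crash
        _ts, client_ip, _method, url, _status = parts[:5]
        if is_c2_profile(url):
            hits.append((client_ip, url))
    return hits


# Constructed sample log lines (not from the sandbox run); only the first two should hit.
SAMPLE_LOG = [
    "2022-02-15T09:01:02Z 10.0.0.12 GET https://mas.to/@kirpich 200",
    "2022-02-15T09:01:07Z 10.0.0.12 GET https://mas.to/@kirpich/with_replies 200",
    "2022-02-15T09:02:30Z 10.0.0.44 GET https://mas.to/@someone_else 200",
    "2022-02-15T09:03:00Z 10.0.0.44 GET https://example.org/@kirpich 200",
    "garbage line",
]

if __name__ == "__main__":
    for client_ip, url in scan_proxy_log(SAMPLE_LOG):
        print(f"dead-drop fetch from {client_ip}: {url}")
    print("report hashes matched by an empty file:", matching_algorithms(digest_bytes(b"")))
```

Run `hash_file()` on a quarantined copy and pass the result to `matching_algorithms()`; an empty list with a sha256 present means the file is not this sample, whatever its name. Feed `scan_proxy_log()` the proxy or CASB export for the window around the alert to find which hosts pulled the profile.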
Targets

Target: f69a9cd55b6d88040a40f092ae962eccad79c773afb156eeec5919fd11ca7174
MD5: 9e8388274066861ecf159c212e153ec1
Filesize: 772KB
Score: 10/10
SHA1: 6ba52b3cca249625bce6de2fdf98002b7f476cde
SHA256: f69a9cd55b6d88040a40f092ae962eccad79c773afb156eeec5919fd11ca7174
SHA512: 33a2a84cde6543aa464f4439d7db57e7debe6c87b7537b2b349da843b015b99cbd1d5dc70b347a6e8fcfa000652669cabc2e539748a5e127fdea72673915618c

Signatures

  • Suspicious use of NtCreateProcessExOtherParentProcess

  • Vidar

    Description: Vidar is an infostealer based on the Arkei stealer.

  • Vidar Stealer
MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1
behavioral1: 10/10
behavioral2: 10/10