Description
Vidar is an infostealer based on Arkei stealer.
c7ad7dc565687b2fe2b2652ffbd135188acb4eef29c2e0d72a116bd988c1e40d
General
Target
Size
Sample
c7ad7dc565687b2fe2b2652ffbd135188acb4eef29c2e0d72a116bd988c1e40d
675KB
220215-gyt3xsdafk
Score
10 /10
MD5
SHA1
SHA256
SHA512
cef76d7fba522e19ac03269b6275ff3f
81cbb61d06fcd512081a5dac97a7865d98d7a22b
c7ad7dc565687b2fe2b2652ffbd135188acb4eef29c2e0d72a116bd988c1e40d
e4728e26ab451ec452fbb5b61fbc7efe4c7e3c138cb91ed2a4bb75a339bf2ee1cdee9f7fa0c03fb398fea3c6dd87c5075bff0095b6e55811198865550bdab33a
Malware Config
Extracted
| Family | vidar |
| Version | 48.1 |
| Botnet | 937 |
| C2 |
https://koyu.space/@rspich |
| Attributes |
profile_id 937 |
Targets
Target
MD5
Filesize
c7ad7dc565687b2fe2b2652ffbd135188acb4eef29c2e0d72a116bd988c1e40d
cef76d7fba522e19ac03269b6275ff3f
675KB
Score
10/10
SHA1
SHA256
SHA512
81cbb61d06fcd512081a5dac97a7865d98d7a22b
c7ad7dc565687b2fe2b2652ffbd135188acb4eef29c2e0d72a116bd988c1e40d
e4728e26ab451ec452fbb5b61fbc7efe4c7e3c138cb91ed2a4bb75a339bf2ee1cdee9f7fa0c03fb398fea3c6dd87c5075bff0095b6e55811198865550bdab33a
Tags
Signatures
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Vidar
-
Vidar Stealer
Tags
Related Tasks
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Tasks