bd7eec533b670d12046211475971ef6d32b54c37290f41ba33a4cc6b09a925a4

Target

Size

679KB

Sample

220215-hcj69sdcbk

Score

10 ^/10

MD5

f4a9c73c92501f4ada0ad74830610e11

SHA1

f5755ba5404a3fc467f850ff2dd01e6d9fd228fd

SHA256

bd7eec533b670d12046211475971ef6d32b54c37290f41ba33a4cc6b09a925a4

SHA512

7eb7d62d729b2d2dbacd89d6f2a3d94f053ee0336a413fef76effd3a6b445e9f0877c931bfda11ac3624a0bb8ce09268fac4fb637b7d0ea128342a3d9ac80d7c

Extracted

Family	vidar
Version	48.4
Botnet	937
C2	https://koyu.space/@qmashton https://koyu.space/@qmashton
Attributes	profile_id 937

Target

bd7eec533b670d12046211475971ef6d32b54c37290f41ba33a4cc6b09a925a4

MD5

f4a9c73c92501f4ada0ad74830610e11

Filesize

679KB

Score

10^/10

SHA1

f5755ba5404a3fc467f850ff2dd01e6d9fd228fd

SHA256

bd7eec533b670d12046211475971ef6d32b54c37290f41ba33a4cc6b09a925a4

SHA512

7eb7d62d729b2d2dbacd89d6f2a3d94f053ee0336a413fef76effd3a6b445e9f0877c931bfda11ac3624a0bb8ce09268fac4fb637b7d0ea128342a3d9ac80d7c

Signatures

Suspicious use of NtCreateProcessExOtherParentProcess
Vidar
Description

Vidar is an infostealer based on Arkei stealer.
Tags

stealer vidar
Vidar Stealer
Tags

stealer

Related Tasks

behavioral1 behavioral2

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

behavioral1

vidar 937 stealer

10^/10

behavioral2

vidar 937 stealer

10^/10

Extracted

Tags

Signatures

Suspicious use of NtCreateProcessExOtherParentProcess

Vidar

Description

Tags

Vidar Stealer

Tags

Related Tasks

static1

behavioral1

behavioral2