4ed7609cbb86ea0b7607b8a002e7f85b316903c3b6801240c9576aae8b3052ff

Target

Size

618KB

Sample

220215-qr8geafch7

Score

10 ^/10

MD5

353a21b3835ac7c17a82af79302d23cc

SHA1

03e96fc686cc15a0bb26186ecb4fe63e6b841c4b

SHA256

4ed7609cbb86ea0b7607b8a002e7f85b316903c3b6801240c9576aae8b3052ff

SHA512

fccacf9a70f9151f081caa6c2d32c2cee3fb3e3c95ce10ee5c632f3007f54c5513b024fc10c9abc9eb9c7703e197360d569040ec3e47d182a123079cba0743dc

Extracted

Family	vidar
Version	41.7
Botnet	937
C2	https://mas.to/@lenka51 https://mas.to/@lenka51
Attributes	profile_id 937

Target

4ed7609cbb86ea0b7607b8a002e7f85b316903c3b6801240c9576aae8b3052ff

MD5

353a21b3835ac7c17a82af79302d23cc

Filesize

618KB

Score

10^/10

SHA1

03e96fc686cc15a0bb26186ecb4fe63e6b841c4b

SHA256

4ed7609cbb86ea0b7607b8a002e7f85b316903c3b6801240c9576aae8b3052ff

SHA512

fccacf9a70f9151f081caa6c2d32c2cee3fb3e3c95ce10ee5c632f3007f54c5513b024fc10c9abc9eb9c7703e197360d569040ec3e47d182a123079cba0743dc

Signatures

Suspicious use of NtCreateProcessExOtherParentProcess
Vidar
Description

Vidar is an infostealer based on Arkei stealer.
Tags

stealer vidar
Vidar Stealer
Tags

stealer

Related Tasks

behavioral1 behavioral2

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

behavioral1

vidar 937 stealer

10^/10

behavioral2

vidar 937 stealer

10^/10

Extracted

Tags

Signatures

Suspicious use of NtCreateProcessExOtherParentProcess

Vidar

Description

Tags

Vidar Stealer

Tags

Related Tasks

static1

behavioral1

behavioral2