Description
Vidar is an infostealer based on Arkei stealer.
32057fad31bfb5015fc818847d245cd144a3c8166ae377cc4143ee5795ac06e5
General
Target
Size
Sample
32057fad31bfb5015fc818847d245cd144a3c8166ae377cc4143ee5795ac06e5
655KB
220215-rt7tbshber
Score
10 /10
MD5
SHA1
SHA256
SHA512
5214689cb18baecfe0267940ad845398
919514c68f7e009ddbb523fc17bbb2ba5604cac4
32057fad31bfb5015fc818847d245cd144a3c8166ae377cc4143ee5795ac06e5
a2b18ac30bf332c5f473b48f6a570013dc9e8ec51ed212032253226d620a7b8018a05d018d8a0eea32e51ad5382b2b519d54da6bdebab8bae5f72664e8f500b9
Malware Config
Extracted
| Family | vidar |
| Version | 48.1 |
| Botnet | 937 |
| C2 |
https://koyu.space/@rspich |
| Attributes |
profile_id 937 |
Targets
Target
MD5
Filesize
32057fad31bfb5015fc818847d245cd144a3c8166ae377cc4143ee5795ac06e5
5214689cb18baecfe0267940ad845398
655KB
Score
10/10
SHA1
SHA256
SHA512
919514c68f7e009ddbb523fc17bbb2ba5604cac4
32057fad31bfb5015fc818847d245cd144a3c8166ae377cc4143ee5795ac06e5
a2b18ac30bf332c5f473b48f6a570013dc9e8ec51ed212032253226d620a7b8018a05d018d8a0eea32e51ad5382b2b519d54da6bdebab8bae5f72664e8f500b9
Tags
Signatures
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Vidar
-
Vidar Stealer
Tags
Related Tasks
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Tasks