317e6d0c61edc2d145f8f29a19e1ecee049f6f3cff8decd0f5d8171ab99f9813

Target

Size

640KB

Sample

220215-rvjswsfhd6

Score

10 ^/10

MD5

81843d9c10e65eeead6650766ba18d08

SHA1

618f493341aea26dc4d7c46dae854d5c1d56bcbf

SHA256

317e6d0c61edc2d145f8f29a19e1ecee049f6f3cff8decd0f5d8171ab99f9813

SHA512

89a75dcb396ab86a4bb495ed14176b2f0a7b31949fbba02e8cdcb04967595269048dd95683391e16cd431c235ff90d5a62e616ac997cb9f983a7f358dc3dab63

Extracted

Family	vidar
Version	41.6
Botnet	937
C2	https://mas.to/@lilocc https://mas.to/@lilocc
Attributes	profile_id 937

Target

317e6d0c61edc2d145f8f29a19e1ecee049f6f3cff8decd0f5d8171ab99f9813

MD5

81843d9c10e65eeead6650766ba18d08

Filesize

640KB

Score

10^/10

SHA1

618f493341aea26dc4d7c46dae854d5c1d56bcbf

SHA256

317e6d0c61edc2d145f8f29a19e1ecee049f6f3cff8decd0f5d8171ab99f9813

SHA512

89a75dcb396ab86a4bb495ed14176b2f0a7b31949fbba02e8cdcb04967595269048dd95683391e16cd431c235ff90d5a62e616ac997cb9f983a7f358dc3dab63

Signatures

Suspicious use of NtCreateProcessExOtherParentProcess
Vidar
Description

Vidar is an infostealer based on Arkei stealer.
Tags

stealer vidar
Vidar Stealer
Tags

stealer

Related Tasks

behavioral1 behavioral2

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

behavioral1

vidar 937 stealer

10^/10

behavioral2

vidar 937 stealer

10^/10

Extracted

Tags

Signatures

Suspicious use of NtCreateProcessExOtherParentProcess

Vidar

Description

Tags

Vidar Stealer

Tags

Related Tasks

static1

behavioral1

behavioral2