Description
Vidar is an infostealer based on Arkei stealer.
2295510f041dc01c4a3c8644db06e1191c1b341d95c8104c44a62fac4544e44b
General
Target
Size
Sample
2295510f041dc01c4a3c8644db06e1191c1b341d95c8104c44a62fac4544e44b
756KB
220215-sc399agbf5
Score
10 /10
MD5
SHA1
SHA256
SHA512
c047905ec2dbb9f688e5d14832679184
c6574566b3ea0325f82eac22885320233fb40dce
2295510f041dc01c4a3c8644db06e1191c1b341d95c8104c44a62fac4544e44b
61f799e963a1cd1fce9f9997aff0644dde375bf5442aebacd03036301044c049436b35c4794e0d2e7fa742cf73a54efbfd26cbc66eb15ce0eecce97bd01338be
Malware Config
Extracted
| Family | vidar |
| Version | 48.5 |
| Botnet | 937 |
| C2 |
https://koyu.space/@tttaj |
| Attributes |
profile_id 937 |
Targets
Target
MD5
Filesize
2295510f041dc01c4a3c8644db06e1191c1b341d95c8104c44a62fac4544e44b
c047905ec2dbb9f688e5d14832679184
756KB
Score
10/10
SHA1
SHA256
SHA512
c6574566b3ea0325f82eac22885320233fb40dce
2295510f041dc01c4a3c8644db06e1191c1b341d95c8104c44a62fac4544e44b
61f799e963a1cd1fce9f9997aff0644dde375bf5442aebacd03036301044c049436b35c4794e0d2e7fa742cf73a54efbfd26cbc66eb15ce0eecce97bd01338be
Tags
Signatures
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Vidar
-
Vidar Stealer
Tags
Related Tasks
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Tasks