vidar | a498bd4c418ddfe888fe94ce082ae68b5fa0e3a65a43fcd5c5277646a11df45b | Triage

Analysis

max time kernel
135s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-en-20220113
submitted
03-03-2022 08:05

Sharing

Report Analysis Logs

General

Target

a498bd4c418ddfe888fe94ce082ae68b5fa0e3a65a43fcd5c5277646a11df45b.exe
Size

694KB
MD5

655326a190e7e84ceaad014053d672e3
SHA1

f4eff0dad292b3cd06ce9bd9e5870f6ce90d30d1
SHA256

a498bd4c418ddfe888fe94ce082ae68b5fa0e3a65a43fcd5c5277646a11df45b
SHA512

8a2a610dd171da1b7b6e0a68d643d3cec6c4b952071df36c9aeae75254888513a7609a11b92be6885f2f9fdc3aae8353af9947031c3fb0aa1b53586a29c8951e

Score

10^/10

vidar 565 stealer

Malware Config

Extracted

Family

vidar

Version

50.1

Botnet

565

C2

https://mastodon.online/@k1llerniax

https://koyu.space/@k1llerni2x

Attributes

profile_id
565

Signatures

Vidar
Vidar is an infostealer based on Arkei stealer.
stealer vidar

Vidar Stealer 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/868-132-0x00000000025F0000-0x000000000269B000-memory.dmp	family_vidar
behavioral1/memory/868-133-0x0000000000400000-0x00000000004B0000-memory.dmp	family_vidar

C:\Users\Admin\AppData\Local\Temp\a498bd4c418ddfe888fe94ce082ae68b5fa0e3a65a43fcd5c5277646a11df45b.exe
"C:\Users\Admin\AppData\Local\Temp\a498bd4c418ddfe888fe94ce082ae68b5fa0e3a65a43fcd5c5277646a11df45b.exe"
1⤵
PID:868

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/868-130-0x00000000008FD000-0x0000000000968000-memory.dmp

Filesize
428KB

Download
memory/868-131-0x00000000008FD000-0x0000000000968000-memory.dmp

Filesize
428KB

Download
memory/868-132-0x00000000025F0000-0x000000000269B000-memory.dmp

Filesize
684KB

Download
memory/868-133-0x0000000000400000-0x00000000004B0000-memory.dmp

Filesize
704KB

Download