vidar | f0b88dae1dbd6a46397bdc564648e19cc6d45af5d0288222f9ace17e92193941 | Triage

Submit
Reports

Overview

overview

Static

static

f0b88dae1d...41.exe

windows7_x64

f0b88dae1d...41.exe

windows10-2004_x64

Sharing

General

Target

f0b88dae1dbd6a46397bdc564648e19cc6d45af5d0288222f9ace17e92193941
Size

2.0MB
Sample

220320-cg9d3aefe3
MD5

249b481f803df7bd193f311c181f655e
SHA1

a2d957d04c8d4754b3c31cd7941b39fe543f8104
SHA256

f0b88dae1dbd6a46397bdc564648e19cc6d45af5d0288222f9ace17e92193941
SHA512

182f4a1baf87bcf0ef443e7e5d43f12e5fe0b762f81e5fea5a0850900376718ef8be221b39d47e19134c6a4a63fcbc75ef092c14723d4cb2ee15e9dcba688435

Score

10^/10

vidar 399 stealer

Static task

static1

Behavioral task

behavioral1

Sample

f0b88dae1dbd6a46397bdc564648e19cc6d45af5d0288222f9ace17e92193941.exe

Resource

win7-20220310-en

vidar 399 stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

f0b88dae1dbd6a46397bdc564648e19cc6d45af5d0288222f9ace17e92193941.exe

Resource

win10v2004-20220310-en

vidar 399 stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

vidar

Version

35.1

Botnet

399

C2

http://syrusim.com/

Attributes

profile_id
399

Targets

- Target
  
  f0b88dae1dbd6a46397bdc564648e19cc6d45af5d0288222f9ace17e92193941
- Size
  
  2.0MB
- MD5
  
  249b481f803df7bd193f311c181f655e
- SHA1
  
  a2d957d04c8d4754b3c31cd7941b39fe543f8104
- SHA256
  
  f0b88dae1dbd6a46397bdc564648e19cc6d45af5d0288222f9ace17e92193941
- SHA512
  
  182f4a1baf87bcf0ef443e7e5d43f12e5fe0b762f81e5fea5a0850900376718ef8be221b39d47e19134c6a4a63fcbc75ef092c14723d4cb2ee15e9dcba688435
Score

10^/10

vidar 399 stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

vidar399stealer

behavioral2

vidar399stealer

© 2018-2024

Terms | Privacy