vidar | 4188c6ab98585f5f8426cd17aa5eb0e1dd96db49ffdd21cfb91b68f19d5e42af | Triage

Sharing

General

Target

4188c6ab98585f5f8426cd17aa5eb0e1dd96db49ffdd21cfb91b68f19d5e42af.exe
Size

669KB
Sample

221011-pb17qadde5
MD5

488fae7289e40bb23cb8427cf7690e3a
SHA1

f7c1e28ef51ec7fcff52cd6d6e3e9933a143ab1f
SHA256

4188c6ab98585f5f8426cd17aa5eb0e1dd96db49ffdd21cfb91b68f19d5e42af
SHA512

66c32f6c187fe376e384400cfc57b6659cfbdc4966c31d78110357a7bcc41d987a236d68dfe67c3c99823402a60f21924d6f3de8bb9c6fadfb08e486f7bbf1e6
SSDEEP

6144:88cBjzaMPsdeeMeGlsK7Sd7SEmGva9pqPQ1W2wEW7mYiVAu:Batj7MOE9v1OW7Ti

Score

10^/10

vidar 1680 stealer

Malware Config

Extracted

Family

vidar

Version

54.6

Botnet

1680

C2

https://t.me/huobiinside

https://mas.to/@kyriazhs1975

Attributes

profile_id
1680

Targets

- Target
  
  4188c6ab98585f5f8426cd17aa5eb0e1dd96db49ffdd21cfb91b68f19d5e42af.exe
- Size
  
  669KB
- MD5
  
  488fae7289e40bb23cb8427cf7690e3a
- SHA1
  
  f7c1e28ef51ec7fcff52cd6d6e3e9933a143ab1f
- SHA256
  
  4188c6ab98585f5f8426cd17aa5eb0e1dd96db49ffdd21cfb91b68f19d5e42af
- SHA512
  
  66c32f6c187fe376e384400cfc57b6659cfbdc4966c31d78110357a7bcc41d987a236d68dfe67c3c99823402a60f21924d6f3de8bb9c6fadfb08e486f7bbf1e6
- SSDEEP
  
  6144:88cBjzaMPsdeeMeGlsK7Sd7SEmGva9pqPQ1W2wEW7mYiVAu:Batj7MOE9v1OW7Ti
Score

10^/10

vidar 1680 stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

vidar1680stealer

behavioral2

vidar1680stealer