vidar | e3f46e0867414f00679e5bc53274d3a31f638fa2cdc0741d3b44d43b1eff2dbf | Triage

Sharing

General

Target

e3f46e0867414f00679e5bc53274d3a31f638fa2cdc0741d3b44d43b1eff2dbf
Size

1.3MB
Sample

221025-ld8g2acbek
MD5

ad7d67cd7f4e1a7800fe5c7bbe05ddd8
SHA1

880486310ef5c7022e6d5bb7cf6be19cb697e1d5
SHA256

e3f46e0867414f00679e5bc53274d3a31f638fa2cdc0741d3b44d43b1eff2dbf
SHA512

6bf8c4d7bae3b6fa224479a15bafee269d86a2e4053a4f888fa7f5b85b9317e8c7f38940811d3a97145b53a91625794d52de18fa2bc0d331d976f52b528c66cf
SSDEEP

24576:CUrBoqYRYLnRf1MnN4YyStR1gzX5/vwYcyUgJrEzweLNf4:ZrBVxzXxorynJWf4

Score

10^/10

vidar 915 spyware stealer

Malware Config

Extracted

Family

vidar

Version

55.2

Botnet

915

C2

https://t.me/slivetalks

https://c.im/@xinibin420

Attributes

profile_id
915

Targets

- Target
  
  e3f46e0867414f00679e5bc53274d3a31f638fa2cdc0741d3b44d43b1eff2dbf
- Size
  
  1.3MB
- MD5
  
  ad7d67cd7f4e1a7800fe5c7bbe05ddd8
- SHA1
  
  880486310ef5c7022e6d5bb7cf6be19cb697e1d5
- SHA256
  
  e3f46e0867414f00679e5bc53274d3a31f638fa2cdc0741d3b44d43b1eff2dbf
- SHA512
  
  6bf8c4d7bae3b6fa224479a15bafee269d86a2e4053a4f888fa7f5b85b9317e8c7f38940811d3a97145b53a91625794d52de18fa2bc0d331d976f52b528c66cf
- SSDEEP
  
  24576:CUrBoqYRYLnRf1MnN4YyStR1gzX5/vwYcyUgJrEzweLNf4:ZrBVxzXxorynJWf4
Score

10^/10

vidar 915 spyware stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Loads dropped DLL
- Uses the VBS compiler for execution
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vidar915spywarestealer