vidar | 6e8b8a1d654dfedfa6d56e2f43a049eb491370ff46e0668fe5cfd7489b4b125c | Triage

Sharing

General

Target

91c990286a2a22d3ad69e7ca232ec9d5.exe
Size

488KB
Sample

221030-hcxglagghp
MD5

91c990286a2a22d3ad69e7ca232ec9d5
SHA1

e59c0dea97e97fba10e2d181b71675be2674650d
SHA256

6e8b8a1d654dfedfa6d56e2f43a049eb491370ff46e0668fe5cfd7489b4b125c
SHA512

01494032ff25ef0c4ad91db9a98e3cc441aac0c912706b5b67a994a824c68b7707bee8b59c67e80e0c5d1b80192d93f852f52eb24e8c0e421f1d021530ce1fc5
SSDEEP

6144:2N1loB6IG97sDqcnH+jp/RJHUwMAOdobaz7vQ3fRyXcGyHT0yhU1GCSjA1xkyWXb:kk6IG971b5MeeQ5QNyHU1SjkWlgCt

Score

10^/10

vidar 1707 spyware stealer

Malware Config

Extracted

Family

vidar

Version

55.2

Botnet

1707

C2

https://t.me/slivetalks

https://c.im/@xinibin420

Attributes

profile_id
1707

Targets

- Target
  
  91c990286a2a22d3ad69e7ca232ec9d5.exe
- Size
  
  488KB
- MD5
  
  91c990286a2a22d3ad69e7ca232ec9d5
- SHA1
  
  e59c0dea97e97fba10e2d181b71675be2674650d
- SHA256
  
  6e8b8a1d654dfedfa6d56e2f43a049eb491370ff46e0668fe5cfd7489b4b125c
- SHA512
  
  01494032ff25ef0c4ad91db9a98e3cc441aac0c912706b5b67a994a824c68b7707bee8b59c67e80e0c5d1b80192d93f852f52eb24e8c0e421f1d021530ce1fc5
- SSDEEP
  
  6144:2N1loB6IG97sDqcnH+jp/RJHUwMAOdobaz7vQ3fRyXcGyHT0yhU1GCSjA1xkyWXb:kk6IG971b5MeeQ5QNyHU1SjkWlgCt
Score

10^/10

vidar 1707 spyware stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Loads dropped DLL
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vidar1707spywarestealer

behavioral2

vidar1707spywarestealer