General

  • Target: 211f6083a31502b38958c39494f163ad8dff2c64e4da4bc8a36331b985d2f5ef.zip
  • Size: 6.5MB
  • Sample: 221104-3j92gsdhdq
  • MD5: 529b15e3137dffb66841fc0ffb75eef6
  • SHA1: beee1098100b74e0771efebf7045b0c62fab5f6e
  • SHA256: b591065da3fa56b03d704dc9d865fb056a1a29e63287baa8c2b69dabdecf9f75
  • SHA512: 03a0c5c29a06d62dea696a1c37f820f07be5bd15327d76f047c427d1e9e7dcff805b801aa06d5c60ab76eac116ec611e1f266458759c6cd20c83fbba7066ab48
  • SSDEEP: 196608:dg4d4Y7NTXLGhjnoIH84bECKIfAba45E7EdH3aN3:BPxTLKkDCKWAm0EeaR

Score: 10/10

Malware Config

Extracted

  • Family: vidar
  • Version: 55
  • Botnet: 1707
  • C2:
      https://t.me/truewallets
      https://mas.to/@zara99
      http://116.203.10.3:80
  • Attributes:
      profile_id: 1707

Targets

  • Target: 211f6083a31502b38958c39494f163ad8dff2c64e4da4bc8a36331b985d2f5ef
  • Size: 6.9MB
  • MD5: b5f33dd83fe78663a2766860148b94f1
  • SHA1: 550a4d8ce4e4f8d436aacd0a5168ad41b078534d
  • SHA256: 211f6083a31502b38958c39494f163ad8dff2c64e4da4bc8a36331b985d2f5ef
  • SHA512: a90b6a034aca04c634d7d2fcfe931ee6277674c98c686a0810bd3c311f8beae55d5d064c2c64665e8210d0c815d61ed2f1ad17f70419143a863700b011facc9d
  • SSDEEP: 98304:4Il+SnHYKmcUhliE+oBeFarU3l3lU2tkfZU7ubDxwIjOIN1ULr33K2mi/iI+UX0P:4tKQlqoBWaY3B/+rxjjTN1U3KU+Y
  • Score: 10/10
  • Vidar

      Vidar is an infostealer based on Arkei stealer.

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Install Root Certificate: 1 (T1130)
  • Modify Registry: 1 (T1112)

Tasks