vidar | 91a734562228b80d8c8cf131a07f054d9fbc7709a21dc8f89909a5ccceb1ceb7 | Triage

Sharing

General

Target

7e941ecf4002b95a59a2c8cfe7e88624.exe
Size

867KB
Sample

221119-h1hy4sea9t
MD5

7e941ecf4002b95a59a2c8cfe7e88624
SHA1

e6ee448fe01db6d60760ed34a283f8172b0e93f2
SHA256

91a734562228b80d8c8cf131a07f054d9fbc7709a21dc8f89909a5ccceb1ceb7
SHA512

c94c3c9f2bff63e7d11273c775f290711c9137db01e3db0373547acdb320ef7d223ebdbb3544cc19aa3a90ecb9abaa4bd4704b3755c696701bc7b3390a588c5d
SSDEEP

24576:43i31tbTIv7798KFjruZWDUfAuTOAM5hSqzH:X31tXmaKFjwWeiAFqzH

Score

10^/10

vidar 1707 stealer

Malware Config

Extracted

Family

vidar

Version

55.7

Botnet

1707

C2

https://t.me/deadftx

https://www.tiktok.com/@user6068972597711

Attributes

profile_id
1707

Targets

- Target
  
  7e941ecf4002b95a59a2c8cfe7e88624.exe
- Size
  
  867KB
- MD5
  
  7e941ecf4002b95a59a2c8cfe7e88624
- SHA1
  
  e6ee448fe01db6d60760ed34a283f8172b0e93f2
- SHA256
  
  91a734562228b80d8c8cf131a07f054d9fbc7709a21dc8f89909a5ccceb1ceb7
- SHA512
  
  c94c3c9f2bff63e7d11273c775f290711c9137db01e3db0373547acdb320ef7d223ebdbb3544cc19aa3a90ecb9abaa4bd4704b3755c696701bc7b3390a588c5d
- SSDEEP
  
  24576:43i31tbTIv7798KFjruZWDUfAuTOAM5hSqzH:X31tXmaKFjwWeiAFqzH
Score

10^/10

vidar 1707 stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

vidar1707stealer