vidar | 82d727baf374cc9a65731af2dd2319d40a178f52ee477e5882a1c7d61d82df96 | Triage

Sharing

General

Target

Latest_Installer_Full_Version_1234_B4V.rar
Size

7.0MB
Sample

221203-3ztpfagh22
MD5

c1bf833eb2940fcd8d8c79a4cb580476
SHA1

8fa485e89a6617f20dfa3e36fae7eb9a93d014c4
SHA256

82d727baf374cc9a65731af2dd2319d40a178f52ee477e5882a1c7d61d82df96
SHA512

d7e9d4282652cb4c8224799c207a58cdc30bd83fcf62241b64faeb72b2ebd6cad758f77f4186851fcc8899915cbd84990d988750ed68dcd199b734b77e0f02cc
SSDEEP

196608:y/B+XfpKPLgTVNuNs5evn2Wb+1QaR5erGGv9k+O3J76:CoBKcJQQeRb+1QaR5S14J76

Score

10^/10

vidar 1707 discovery spyware stealer

Malware Config

Extracted

Family

vidar

Version

56

Botnet

1707

C2

https://t.me/asifrazatg

https://steamcommunity.com/profiles/76561199439929669

Attributes

profile_id
1707

Targets

- Target
  
  Setup.exe
- Size
  
  407.6MB
- MD5
  
  995baf81876438c5ffa39a9b01afcc4b
- SHA1
  
  761f74ef159d5b4d898c32934563c0157731cf11
- SHA256
  
  e0ce19785c7e7270daa7a368eb9aa70f97444d9abbc888fdec0776bff198ec64
- SHA512
  
  8d81592858bca3077edaec7ccb7be45f0eb496625bd6d8a4d520e65a1f63ba3258fb1d1eb0a6e26c7024abc61bd80b6be79e0526315a27351970e5b7b0d81d2f
- SSDEEP
  
  196608:92HOis2caTw2/CcqS9/D1EmKJdSKaWo+J:9QOVwR/rqS9b0SKaWo+
Score

10^/10

vidar 1707 discovery spyware stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vidar1707discoveryspywarestealer