Overview

overview

10

Static

static

ae45afe910...db.exe

windows7-x64

10

ae45afe910...db.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ae45afe91004fde64e470eee587c2b43821cc1416908efa1e734770421f19ddb

  • Size

    840KB

  • Sample

    221204-zj4mxshe7z

  • MD5

    64d871bc13bbd115a6b9c03a485b0251

  • SHA1

    42ca2ee65fbc6d86d4f33d307f3c12ff20811d8e

  • SHA256

    ae45afe91004fde64e470eee587c2b43821cc1416908efa1e734770421f19ddb

  • SHA512

    da66907eb26deb9fdd452f01665fa2af3bfea6b137bf24144b12b9caa799f63483e6499389542f195157823d1d73e1180c320b6cba4ba9f243a8abf47efaa003

  • SSDEEP

    12288:e+054Q50nWUNY2+nUf8ukQ4aOqP9LGCtsNc/l/PH3Hi6IRvf+RoTD:7Y50nm28f5goCtsNml/PXHivTD

Score
10/10
vidar903stealer

Malware Config

Extracted

Family

vidar

Version

39.4

Botnet

903

C2

https://sergeevih43.tumblr.com/

Attributes
  • profile_id

    903

Targets

    • Target

      ae45afe91004fde64e470eee587c2b43821cc1416908efa1e734770421f19ddb

    • Size

      840KB

    • MD5

      64d871bc13bbd115a6b9c03a485b0251

    • SHA1

      42ca2ee65fbc6d86d4f33d307f3c12ff20811d8e

    • SHA256

      ae45afe91004fde64e470eee587c2b43821cc1416908efa1e734770421f19ddb

    • SHA512

      da66907eb26deb9fdd452f01665fa2af3bfea6b137bf24144b12b9caa799f63483e6499389542f195157823d1d73e1180c320b6cba4ba9f243a8abf47efaa003

    • SSDEEP

      12288:e+054Q50nWUNY2+nUf8ukQ4aOqP9LGCtsNc/l/PH3Hi6IRvf+RoTD:7Y50nm28f5goCtsNml/PXHivTD

    Score
    10/10
    vidar903stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Vidar Stealer

      stealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks