vidar | 01f5713808cc26de3e11aa1d9021c2d9d05424b7926ff742a4e7af8d6d6cc695 | Triage

Sharing

General

Target

8560257812.zip
Size

5.7MB
Sample

230118-sey4babd63
MD5

0ed9f0d0f67a909283eb9c539681e132
SHA1

d53d5e7eef12e457f5ec639bc1d91628679cac87
SHA256

01f5713808cc26de3e11aa1d9021c2d9d05424b7926ff742a4e7af8d6d6cc695
SHA512

746fc86c2c29137d795b99124fa63c30087674ab94830127da9f389e07a577bb728c044c7884fd01861317d171407b4c17e7c4e4868658af4b1809177302e75d
SSDEEP

98304:OcNgHvdQ4hzsm/kbEM+5VvKVdkpM78mj6xWR/s79BCpHLnpCW3fC5qF5kPhIPnhu:PedQKB/c2CewDjiz9BChLnpx3fMW5khz

Score

10^/10

vidar 1839 stealer

Malware Config

Extracted

Family

vidar

Version

55.7

Botnet

1839

C2

https://t.me/deadftx

https://www.tiktok.com/@user6068972597711

Attributes

profile_id
1839

Targets

- Target
  
  a0d6ae06e192826e008b439eb895ba8c13fec74523428fa136265e0bc816bad7
- Size
  
  402.5MB
- MD5
  
  2117d8ccb9563456344ec113a06eebce
- SHA1
  
  60f188f0f934f83efb3bb2f6a19ffaf9fc5a1a9a
- SHA256
  
  a0d6ae06e192826e008b439eb895ba8c13fec74523428fa136265e0bc816bad7
- SHA512
  
  10a97dd4549f090a651d24b4e2b21ec19dfc51649afeebb0be86d41e821692d38b9db3555f31c5c842069e3758380934258d951047cde6e144379987b6e4e707
- SSDEEP
  
  98304:bB6kx+lrJfWpmHsYI0xa2tVOtyGRRighYsA3Oj8peMYivdUuZd:19QuEsYJU/RiIfAeIpeM9FXZd
Score

10^/10

vidar 1839 stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidar1839stealer

behavioral2

vidar1839stealer