vidar | d30d9fce1b9ec8f4915a5a3083513a847f9ee7daf71a2afc01e2974688d6dcb8 | Triage

Sharing

General

Target

4d7886532fdc4f621a15af99ec56f09a.bin
Size

3.7MB
Sample

230127-qd8j9acf61
MD5

96563c6df4e488dc34785ce861edc262
SHA1

df3d52e930f80e14405c6f904a2cc896428313b1
SHA256

d30d9fce1b9ec8f4915a5a3083513a847f9ee7daf71a2afc01e2974688d6dcb8
SHA512

cc50b67354001982268a223a1c116adf13b83ccbe8551b6d6ac58de51ac78a0b0b135307cf3fed3f1b3f33d9f64284093d677947c508a841c61abe5b773d15d0
SSDEEP

98304:Rsr+49BwjHWwpYWaCtUhubQy47qM2RfCLaR30AAJkjXS:qq49BkUTC+hshMUf6aiAA++

Score

10^/10

vidar 408 stealer

Malware Config

Extracted

Family

vidar

Version

2.2

Botnet

408

C2

https://t.me/litlebey

https://steamcommunity.com/profiles/76561199472399815

Attributes

profile_id
408

Targets

- Target
  
  08f22af3870c81cf0f903d784abecd650003adfff360ff0529540091f277d057.exe
- Size
  
  3.8MB
- MD5
  
  4d7886532fdc4f621a15af99ec56f09a
- SHA1
  
  f55624f5eb95e153d73fdc45dee28108163b3ee1
- SHA256
  
  08f22af3870c81cf0f903d784abecd650003adfff360ff0529540091f277d057
- SHA512
  
  ac9c9999f77b4b386d181f1173e3f94f426c573b422f44d7b135a84835be90cb63d79090548a8d50ac79643cb0b475423f0cefb9b93ea552928452c6ca93b4b5
- SSDEEP
  
  98304:S2GnWQErhYOKLqRBX6uqOU0vtr/bnBy9erPMBNBXgO:Jz7hCLqPqNOrV3Bs0ABXv
Score

10^/10

vidar 408 stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

vidar408stealer

behavioral2

vidar408stealer