vidar | a754837ff13e4e87c9e44de15689d3d2ec5dc52b131cfc391d49b85936e799ee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f131923f1dcfef483d379462db488b1.bin
Size

6.1MB
Sample

230206-jx3psacf75
MD5

434fae393f3a0dcba7cdf239a63df735
SHA1

abf6ba4497917eb7b126ea20b76f9bd86265a8de
SHA256

a754837ff13e4e87c9e44de15689d3d2ec5dc52b131cfc391d49b85936e799ee
SHA512

9210789e2d2a1b7abc1e7c50a675f01689ca3f4e6fe5296257632ef68d8dec39b11064487c3200c3693a27bd9418087dc9fb7b1b427d85bb71e9a6f7396c9ecb
SSDEEP

196608:Nok7mqJVtIx9eEl5X7qtyHukmKqHxau/L:P75VtmgElh7qtuTZq8I

Score

10^/10

vidar 692 stealer

Malware Config

Extracted

Family

vidar

Version

2

Botnet

692

C2

https://t.me/tgdatapacks

https://steamcommunity.com/profiles/76561199469677637

Attributes

profile_id
692

Targets

- Target
  
  dff661724a10f8b50a9a33882699c4b20fb79c3caf16832ebfb70b9b6aeb1db1.exe
- Size
  
  20.0MB
- MD5
  
  0f131923f1dcfef483d379462db488b1
- SHA1
  
  64bfe2d518fd416edeb346df0e7105251fd425e1
- SHA256
  
  dff661724a10f8b50a9a33882699c4b20fb79c3caf16832ebfb70b9b6aeb1db1
- SHA512
  
  91c6db30a426498ae01ed56d81ef5621f82d70b9fa8868b9cf100c95707e05adda1c078743a89e82c14758d9c1a747a27d4756f7488fb6cb7e1b876baa4e6fd0
- SSDEEP
  
  98304:HAYXBtgbPrAuVAE6lu0gaq8JmGnVFJIBjg9KXQup70J8RgB0hJk48JI72P8qz7gn:FRtgPrAXEBXuwg9Mtx0JhunkJ4qz4FNd
Score

10^/10

vidar 692 stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

vidar692stealer

behavioral2

vidar692stealer