vidar | 32bc8648c499ce2115cc18b912b59a64a1869f23102a06ac18c70c70be9385a3 | Triage

Sharing

General

Target

32bc8648c499ce2115cc18b912b59a64a1869f23102a06ac18c70c70be9385a3
Size

303KB
Sample

230508-3lr9fsdc62
MD5

9146b06836db73b08d47b6a7422b169d
SHA1

fd35f89c86e244419af4d2b3386f83d93b2dc63d
SHA256

32bc8648c499ce2115cc18b912b59a64a1869f23102a06ac18c70c70be9385a3
SHA512

3b18574aa7c6c390fc31305ada720e17e01540660727304fcd7fec43292ecdc5633c7e6aa3ef13f5727f46b74b438a70e4791b9918a8b2e5d206a097be65b113
SSDEEP

6144:UbtQEQ9UGblXL5rG1heTArtPn0uBHfsXmhRG29G2Jyxz36c:ut8UGbSoAxPPBHfbhQ2vy5P

Score

10^/10

vidar 8eb820ddf1aebfd9fcdae0b7decef98a spyware stealer

Malware Config

Extracted

Family

vidar

Version

3.3

Botnet

8eb820ddf1aebfd9fcdae0b7decef98a

C2

https://steamcommunity.com/profiles/76561199492257783

https://t.me/justsometg

Attributes

profile_id_v2
8eb820ddf1aebfd9fcdae0b7decef98a
user_agent
Mozilla/5.0 (X11; Linux 3.5.4-1-ARCH i686; es) KHTML/4.9.1 (like Gecko) Konqueror/4.9

Targets

- Target
  
  32bc8648c499ce2115cc18b912b59a64a1869f23102a06ac18c70c70be9385a3
- Size
  
  303KB
- MD5
  
  9146b06836db73b08d47b6a7422b169d
- SHA1
  
  fd35f89c86e244419af4d2b3386f83d93b2dc63d
- SHA256
  
  32bc8648c499ce2115cc18b912b59a64a1869f23102a06ac18c70c70be9385a3
- SHA512
  
  3b18574aa7c6c390fc31305ada720e17e01540660727304fcd7fec43292ecdc5633c7e6aa3ef13f5727f46b74b438a70e4791b9918a8b2e5d206a097be65b113
- SSDEEP
  
  6144:UbtQEQ9UGblXL5rG1heTArtPn0uBHfsXmhRG29G2Jyxz36c:ut8UGbSoAxPPBHfbhQ2vy5P
Score

10^/10

vidar 8eb820ddf1aebfd9fcdae0b7decef98a stealer spyware
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidar8eb820ddf1aebfd9fcdae0b7decef98astealer

behavioral2

vidar8eb820ddf1aebfd9fcdae0b7decef98aspywarestealer