vidar | 25418f9accfaa84b3ea5ef662fc2b24f9782d1e2e00c1303f879f11afc2eec7b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25418f9accfaa84b3ea5ef662fc2b24f9782d1e2e00c1303f879f11afc2eec7b
Size

356KB
Sample

230815-htf6yahc52
MD5

3656380b872547ff69f460c90328d257
SHA1

d9669ed63561e3419900c72207a66f9443e26075
SHA256

25418f9accfaa84b3ea5ef662fc2b24f9782d1e2e00c1303f879f11afc2eec7b
SHA512

1c5ebf89b64eafc1231ee90898897cdd58b9ced7c8a59ee1f33033fe9a66f6e8bf1f26869c5e8a2d1284587f77c9c56172e572ea7942923b73efba4323547a18
SSDEEP

6144:h2+XqGAdyvA944aSL0g7SLjxhDOfeNROhXkO6J5+UUZfA:h2+XqUvA92/gGLjzDqeNROhl6TQ

Score

10^/10

vidar 980843ac508a7fe8f556d42e4c5cfb54 spyware stealer

Malware Config

Extracted

Family

vidar

Version

5.2

Botnet

980843ac508a7fe8f556d42e4c5cfb54

C2

https://t.me/odyssey_tg

https://steamcommunity.com/profiles/76561199541261200

Attributes

profile_id_v2
980843ac508a7fe8f556d42e4c5cfb54
user_agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.30 (KHTML, like Gecko) Chrome/115.0.1.0 Safari/537.30

Targets

- Target
  
  25418f9accfaa84b3ea5ef662fc2b24f9782d1e2e00c1303f879f11afc2eec7b
- Size
  
  356KB
- MD5
  
  3656380b872547ff69f460c90328d257
- SHA1
  
  d9669ed63561e3419900c72207a66f9443e26075
- SHA256
  
  25418f9accfaa84b3ea5ef662fc2b24f9782d1e2e00c1303f879f11afc2eec7b
- SHA512
  
  1c5ebf89b64eafc1231ee90898897cdd58b9ced7c8a59ee1f33033fe9a66f6e8bf1f26869c5e8a2d1284587f77c9c56172e572ea7942923b73efba4323547a18
- SSDEEP
  
  6144:h2+XqGAdyvA944aSL0g7SLjxhDOfeNROhXkO6J5+UUZfA:h2+XqUvA92/gGLjzDqeNROhl6TQ
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

980843ac508a7fe8f556d42e4c5cfb54vidar

behavioral1