vidar | de49d99aca6f263329701def3789f4844cec7b66eada3ecdfc122d91a061beed | Triage

Sharing

General

Target

mkhg_regogo.exe
Size

1.2MB
Sample

231012-hlzcjscf2x
MD5

1f65e4a559b6ca5bca255e34914d2a16
SHA1

35177abc3c3b2d8bde1e5fb5b91223d9f9a80d96
SHA256

de49d99aca6f263329701def3789f4844cec7b66eada3ecdfc122d91a061beed
SHA512

44c0560fd0fb995a07a4bda63bdc45184048c42038cd79a314949640353951862c511cdd8ff7f1b0c4c7bc1fce677124f9ef6c289893c0c534f65737aaf1cd8c
SSDEEP

12288:aG3LBPOWjgduS18IFGL55r8eHwN6hKNCoJn1jZMPBP6IVmtQFLkw8tBKyp/DH2DS:hBry8IFQL8x8C1QOw8tBJtHaSlYITb26

Score

10^/10

vidar ae7206f995af44407705655c590dd082 stealer

Malware Config

Extracted

Family

vidar

Version

5.6

Botnet

ae7206f995af44407705655c590dd082

C2

https://steamcommunity.com/profiles/76561199550790047

https://t.me/bonoboaz

Attributes

profile_id_v2
ae7206f995af44407705655c590dd082
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 OPR/103.0.0.0

Targets

- Target
  
  mkhg_regogo.exe
- Size
  
  1.2MB
- MD5
  
  1f65e4a559b6ca5bca255e34914d2a16
- SHA1
  
  35177abc3c3b2d8bde1e5fb5b91223d9f9a80d96
- SHA256
  
  de49d99aca6f263329701def3789f4844cec7b66eada3ecdfc122d91a061beed
- SHA512
  
  44c0560fd0fb995a07a4bda63bdc45184048c42038cd79a314949640353951862c511cdd8ff7f1b0c4c7bc1fce677124f9ef6c289893c0c534f65737aaf1cd8c
- SSDEEP
  
  12288:aG3LBPOWjgduS18IFGL55r8eHwN6hKNCoJn1jZMPBP6IVmtQFLkw8tBKyp/DH2DS:hBry8IFQL8x8C1QOw8tBJtHaSlYITb26
Score

10^/10

vidar ae7206f995af44407705655c590dd082 stealer
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

vidarae7206f995af44407705655c590dd082stealer