vidar

General

Target

7658a56d7ea6afcc08a4f44652e04d98b5f83b8ec232b341ffa59aa77cd568ec.exe
Size

328KB
Sample

231201-wqzqrsef25
MD5

8d6be514da06d4376ac1effe95572578
SHA1

c2a7b7ae2e895bcfe4455e9b18f3336249a496c5
SHA256

7658a56d7ea6afcc08a4f44652e04d98b5f83b8ec232b341ffa59aa77cd568ec
SHA512

b13d721d65fb1a54f067805f72ea32e2a9ff729d0898024f880fec51647292c9a55d0c8f9498e5573eb8c5597810011dccb96167f86be44a55348c4bb65bd13a
SSDEEP

3072:u36rA0FEWtpc+5JUbBIZXEd9JtqHdOWIY+TUl9TxAtDAF+syZ0xZz:wtGta+5qBIibJtZg+CyI+Mx

Score

10^/10

Malware Config

Extracted

Family

vidar

Version

6.7

Botnet

aef20f7eb91ec5457d74e4fa0796c2bf

C2

https://t.me/s4p0g

https://steamcommunity.com/profiles/76561199575355834

Attributes

profile_id_v2
aef20f7eb91ec5457d74e4fa0796c2bf

Targets

- Target
  
  7658a56d7ea6afcc08a4f44652e04d98b5f83b8ec232b341ffa59aa77cd568ec.exe
- Size
  
  328KB
- MD5
  
  8d6be514da06d4376ac1effe95572578
- SHA1
  
  c2a7b7ae2e895bcfe4455e9b18f3336249a496c5
- SHA256
  
  7658a56d7ea6afcc08a4f44652e04d98b5f83b8ec232b341ffa59aa77cd568ec
- SHA512
  
  b13d721d65fb1a54f067805f72ea32e2a9ff729d0898024f880fec51647292c9a55d0c8f9498e5573eb8c5597810011dccb96167f86be44a55348c4bb65bd13a
- SSDEEP
  
  3072:u36rA0FEWtpc+5JUbBIZXEd9JtqHdOWIY+TUl9TxAtDAF+syZ0xZz:wtGta+5qBIibJtZg+CyI+Mx
Score

10^/10

vidar aef20f7eb91ec5457d74e4fa0796c2bf stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

1

T1553

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2