vidar | 4b8108f69b6b6d3c1864f4f6e07e9bd9692ac780d6c39838c8e2e0aef569edc9 | Triage

Submit
Reports

Overview

overview

Static

static

7

8f45084229...39.exe

windows7-x64

8f45084229...39.exe

windows10-2004-x64

Sharing

General

Target

8f450842295f11d02566dec2fd908439
Size

4.2MB
Sample

231219-yydjlsdea5
MD5

8f450842295f11d02566dec2fd908439
SHA1

44a490992ee129d575248e005dfff75e06f3e190
SHA256

4b8108f69b6b6d3c1864f4f6e07e9bd9692ac780d6c39838c8e2e0aef569edc9
SHA512

a163f62c89f169d7cbaa966b6acc0065e75d62eb01fcd01e6521ab00541ea8f14a01ab61ce18e6c18d308daccc409597c3d72c94b8e4b3605c967f0ebab906b4
SSDEEP

98304:Ixlu7TMELV3C0FgZZYdnkIPy35W3j+Ixs+biKPd+M:Iru7Tn0jEHy306GriC

Score

10^/10

vidar 1028 stealer vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

8f450842295f11d02566dec2fd908439.exe

Resource

win7-20231129-en

vidar 1028 stealer vmprotect

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

8f450842295f11d02566dec2fd908439.exe

Resource

win10v2004-20231215-en

vidar 1028 stealer vmprotect

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

vidar

Version

41.1

Botnet

1028

C2

https://mas.to/@bardak1ho

Attributes

profile_id
1028

Targets

- Target
  
  8f450842295f11d02566dec2fd908439
- Size
  
  4.2MB
- MD5
  
  8f450842295f11d02566dec2fd908439
- SHA1
  
  44a490992ee129d575248e005dfff75e06f3e190
- SHA256
  
  4b8108f69b6b6d3c1864f4f6e07e9bd9692ac780d6c39838c8e2e0aef569edc9
- SHA512
  
  a163f62c89f169d7cbaa966b6acc0065e75d62eb01fcd01e6521ab00541ea8f14a01ab61ce18e6c18d308daccc409597c3d72c94b8e4b3605c967f0ebab906b4
- SSDEEP
  
  98304:Ixlu7TMELV3C0FgZZYdnkIPy35W3j+Ixs+biKPd+M:Iru7Tn0jEHy306GriC
Score

10^/10

vidar 1028 stealer vmprotect
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

vidar1028stealervmprotect

behavioral2

vidar1028stealervmprotect

© 2018-2024

Terms | Privacy