vidar | aec939deb139f7f80a4e618f076ed2fe80d7f2bed77ba59336b1fd0470a0d7fa | Triage

Sharing

General

Target

4e5179eec2634bdfabe616fee23790ed
Size

665KB
Sample

231226-dfy3dacabq
MD5

4e5179eec2634bdfabe616fee23790ed
SHA1

b2dc1c249b271c8dbd87d9a54d8fbb5a6158dc25
SHA256

aec939deb139f7f80a4e618f076ed2fe80d7f2bed77ba59336b1fd0470a0d7fa
SHA512

329d13890afbf7cc64f61bbee39ebd9a1b1fda2065ee6e0f9d54adcdcb27a27db16d5143c21c71d0b141b8c207b3061b83670411c0eee196b9a3a98770682441
SSDEEP

12288:Qm5XCDJXxwcfU98GHWp8De2VQKVncHsoJSt1U5bSOT4v9cgjCc0sYnxnVW:edXxwMp8fVQKZcHzJSnMbSCgj3Yne

Score

10^/10

vidar 828 stealer

Malware Config

Extracted

Family

vidar

Version

39.7

Botnet

828

C2

https://shpak125.tumblr.com/

Attributes

profile_id
828

Targets

- Target
  
  4e5179eec2634bdfabe616fee23790ed
- Size
  
  665KB
- MD5
  
  4e5179eec2634bdfabe616fee23790ed
- SHA1
  
  b2dc1c249b271c8dbd87d9a54d8fbb5a6158dc25
- SHA256
  
  aec939deb139f7f80a4e618f076ed2fe80d7f2bed77ba59336b1fd0470a0d7fa
- SHA512
  
  329d13890afbf7cc64f61bbee39ebd9a1b1fda2065ee6e0f9d54adcdcb27a27db16d5143c21c71d0b141b8c207b3061b83670411c0eee196b9a3a98770682441
- SSDEEP
  
  12288:Qm5XCDJXxwcfU98GHWp8De2VQKVncHsoJSt1U5bSOT4v9cgjCc0sYnxnVW:edXxwMp8fVQKZcHzJSnMbSCgj3Yne
Score

10^/10

vidar 828 stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

vidar828stealer

behavioral2