vidar | b991fce892f5e73142a5b5aa3304b6f8456f2cd74e12013576dc2286d2cd89d4 | Triage

Sharing

General

Target

cc0e520063121a2d7e1a1181bda07aeb
Size

575KB
Sample

231228-hbb49sadd7
MD5

cc0e520063121a2d7e1a1181bda07aeb
SHA1

d5f487b1aaa4dfd92a7d4dc375a6aff862e3886d
SHA256

b991fce892f5e73142a5b5aa3304b6f8456f2cd74e12013576dc2286d2cd89d4
SHA512

8a39fe3645face64b0e61f2077575c1395bbc240bac0f8b1746be0f667f5c038a14bcf23d8323e6ac3466f824478837d1eadaa43ce7b276b57c9794e6592438b
SSDEEP

12288:rbm8XJPNeFcmUnVFYaP5YRGB0+1uLQwqblrwFXZYYIm7YxYmpW:e8Xj72OCAuLOSIp7p

Score

10^/10

vidar 828 stealer

Malware Config

Extracted

Family

vidar

Version

39.8

Botnet

828

C2

https://xeronxikxxx.tumblr.com/

Attributes

profile_id
828

Targets

- Target
  
  cc0e520063121a2d7e1a1181bda07aeb
- Size
  
  575KB
- MD5
  
  cc0e520063121a2d7e1a1181bda07aeb
- SHA1
  
  d5f487b1aaa4dfd92a7d4dc375a6aff862e3886d
- SHA256
  
  b991fce892f5e73142a5b5aa3304b6f8456f2cd74e12013576dc2286d2cd89d4
- SHA512
  
  8a39fe3645face64b0e61f2077575c1395bbc240bac0f8b1746be0f667f5c038a14bcf23d8323e6ac3466f824478837d1eadaa43ce7b276b57c9794e6592438b
- SSDEEP
  
  12288:rbm8XJPNeFcmUnVFYaP5YRGB0+1uLQwqblrwFXZYYIm7YxYmpW:e8Xj72OCAuLOSIp7p
Score

10^/10

vidar 828 stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

vidar828stealer

behavioral2