vidar | bb9a6242991d0d9bf29011e503cb679537dda42fab5451869ce866b3dada19ca | Triage

Submit
Reports

Overview

overview

Static

static

1

308c3af9d4...a0.exe

windows7-x64

308c3af9d4...a0.exe

windows10-2004-x64

Sharing

General

Target

308c3af9d49308ea263e70bc4f946fa0
Size

1.5MB
Sample

231231-k9j9msbeb3
MD5

308c3af9d49308ea263e70bc4f946fa0
SHA1

962bd5aaa2d7441a27c931932cc003491aa66dad
SHA256

bb9a6242991d0d9bf29011e503cb679537dda42fab5451869ce866b3dada19ca
SHA512

da8fcd80d98a62eaef1a57d87fcb990d47e0ebe2aa0834a16262810b5fd36bcb8f05a08a093e19b3c498277f97adc12f0725f122b7b7047e495f39647cfee40f
SSDEEP

24576:9xSiXHVIHkbV5qXeRqVo5h1VPpcGWjNr3Vw/MP85slp+t4ioscQPFc8HTWK0g+WA:9Qi3VIek5Vo5PcQUPhZxQSUDV+W2x

Score

10^/10

vidar 921 stealer

Static task

static1

Behavioral task

behavioral1

Sample

308c3af9d49308ea263e70bc4f946fa0.exe

Resource

win7-20231215-en

vidar 921 stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

308c3af9d49308ea263e70bc4f946fa0.exe

Resource

win10v2004-20231215-en

vidar 921 stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

vidar

Version

39.9

Botnet

921

C2

https://prophefliloc.tumblr.com/

Attributes

profile_id
921

Targets

- Target
  
  308c3af9d49308ea263e70bc4f946fa0
- Size
  
  1.5MB
- MD5
  
  308c3af9d49308ea263e70bc4f946fa0
- SHA1
  
  962bd5aaa2d7441a27c931932cc003491aa66dad
- SHA256
  
  bb9a6242991d0d9bf29011e503cb679537dda42fab5451869ce866b3dada19ca
- SHA512
  
  da8fcd80d98a62eaef1a57d87fcb990d47e0ebe2aa0834a16262810b5fd36bcb8f05a08a093e19b3c498277f97adc12f0725f122b7b7047e495f39647cfee40f
- SSDEEP
  
  24576:9xSiXHVIHkbV5qXeRqVo5h1VPpcGWjNr3Vw/MP85slp+t4ioscQPFc8HTWK0g+WA:9Qi3VIek5Vo5PcQUPhZxQSUDV+W2x
Score

10^/10

vidar 921 stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

vidar921stealer

behavioral2

vidar921stealer

© 2018-2024

Terms | Privacy