vidar | 894915599d96fa12a9e8b58d57bf739b4b5d6a6ae9ef340c9514396f5b7dd170 | Triage

Sharing

General

Target

362e26b4281adc9eadd828b7d28a1a3c
Size

544KB
Sample

231231-pnrh2sgeel
MD5

362e26b4281adc9eadd828b7d28a1a3c
SHA1

48dc8a821b026a52dbd69bd00e5a8e6880fcc41f
SHA256

894915599d96fa12a9e8b58d57bf739b4b5d6a6ae9ef340c9514396f5b7dd170
SHA512

df3661f341065860aff7e9f8abe9c40c74e151b8c912999ad16c1ad442510c38864176fa9b52c8a2399d00a3b9a9b02e1609df8a5193758cd870d083afe2d158
SSDEEP

12288:uDR6KLwRdC8o2RW4wmIBKN4vf46iZN+JuOuNi:pGw7VoWW1BKE4bN+ki

Score

10^/10

vidar 916 stealer

Malware Config

Extracted

Family

vidar

Version

40

Botnet

916

C2

https://lenak513.tumblr.com/

Attributes

profile_id
916

Targets

- Target
  
  362e26b4281adc9eadd828b7d28a1a3c
- Size
  
  544KB
- MD5
  
  362e26b4281adc9eadd828b7d28a1a3c
- SHA1
  
  48dc8a821b026a52dbd69bd00e5a8e6880fcc41f
- SHA256
  
  894915599d96fa12a9e8b58d57bf739b4b5d6a6ae9ef340c9514396f5b7dd170
- SHA512
  
  df3661f341065860aff7e9f8abe9c40c74e151b8c912999ad16c1ad442510c38864176fa9b52c8a2399d00a3b9a9b02e1609df8a5193758cd870d083afe2d158
- SSDEEP
  
  12288:uDR6KLwRdC8o2RW4wmIBKN4vf46iZN+JuOuNi:pGw7VoWW1BKE4bN+ki
Score

10^/10

vidar 916 stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

vidar916stealer

behavioral2