vidar

General

Target

https://www.youtube.com/watch?v=28GLpyICU9A
Sample

240226-sq4g6shc68

Score

10^/10

Malware Config

Extracted

Family

vidar

Version

7.8

Botnet

97b92d10859a319d8736cd53ff3f8868

C2

http://5.252.118.12:80

https://t.me/voolkisms

https://t.me/karl3on

https://steamcommunity.com/profiles/76561199637071579

Attributes

profile_id_v2
97b92d10859a319d8736cd53ff3f8868
user_agent
Mozilla/5.0 (X11; Linux 3.5.4-1-ARCH i686; es) KHTML/4.9.1 (like Gecko) Konqueror/4.9

Targets

- Target
  
  https://www.youtube.com/watch?v=28GLpyICU9A
Score

10^/10

vidar 97b92d10859a319d8736cd53ff3f8868 stealer
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Executes dropped EXE
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Detect Vidar Stealer

Executes dropped EXE

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

urlscan1

behavioral1