vidar

General

Target

file.exe
Size

211KB
Sample

240229-vxjsfsgb36
MD5

77badd4fd610c2abc079680ca6661f18
SHA1

9d2e4875e509dccf60705a5baf666c4c4a7616d7
SHA256

0e8fbee0bc9bf2582c73dbb5c0e58abdeaecb7689f51bf16e888604e329aae6c
SHA512

7b06fd9db9fe6f637ab50671744172d749b75eadfa5707d25e6c9d0a7adae49ffbe922f582e2f1816d683f1b8a4b0717fc4a10234c7147e4a6e84d6be03ff242
SSDEEP

3072:u8i3u+X+RbpTL/iD37WiZ9pi6Ry9x+5fLUn7TzDPaVYoE:w3u+uRlTrc75i6Ryf+BLUnPzb

Score

10^/10

Malware Config

Extracted

Family

vidar

Version

8

Botnet

438c7562661d92141bb0adbe01c2fc5f

C2

https://steamcommunity.com/profiles/76561199644883218

https://t.me/neoschats

Attributes

profile_id_v2
438c7562661d92141bb0adbe01c2fc5f
user_agent
Mozilla/5.0 (Linux; Android 11; M2102J20SG) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Mobile Safari/537.36 EdgA/97.0.1072.78

Targets

- Target
  
  file.exe
- Size
  
  211KB
- MD5
  
  77badd4fd610c2abc079680ca6661f18
- SHA1
  
  9d2e4875e509dccf60705a5baf666c4c4a7616d7
- SHA256
  
  0e8fbee0bc9bf2582c73dbb5c0e58abdeaecb7689f51bf16e888604e329aae6c
- SHA512
  
  7b06fd9db9fe6f637ab50671744172d749b75eadfa5707d25e6c9d0a7adae49ffbe922f582e2f1816d683f1b8a4b0717fc4a10234c7147e4a6e84d6be03ff242
- SSDEEP
  
  3072:u8i3u+X+RbpTL/iD37WiZ9pi6Ry9x+5fLUn7TzDPaVYoE:w3u+uRlTrc75i6Ryf+BLUnPzb
Score

10^/10

vidar 438c7562661d92141bb0adbe01c2fc5f stealer
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

1

T1553

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Detect Vidar Stealer

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2