vidar

General

Target

b07e0b48bc71cad112c096cba915fdb28853e2c2882c2fdb9c856c6752493216
Size

439KB
Sample

240313-flnjyadc8z
MD5

7ac3d045fabcf67626b3515daebf4e98
SHA1

7595d275aa0c8c17641065601b7d52468c214471
SHA256

b07e0b48bc71cad112c096cba915fdb28853e2c2882c2fdb9c856c6752493216
SHA512

dc74055191869eb74a2ce6a23b98f87c0b13f153eec09e7332570cd09b27d233ee57a3b50f0a7ad8d67e3f5eff04d5971822fb611c9853822dca425cf9f7d9e5
SSDEEP

6144:3FrVg9gU+57nzigO8CyekZVO9lsCtFCmsDNnEzGZK2dRt31Wh6ehSD:34q57nziZ+ekZV9UfsuzgL2Yeu

Score

10^/10

Malware Config

Extracted

Family

vidar

Version

8.2

Botnet

4bdee70ef97ecade3f5bde57c699bd29

C2

https://steamcommunity.com/profiles/76561199651834633

https://t.me/raf6ik

Attributes

profile_id_v2
4bdee70ef97ecade3f5bde57c699bd29
user_agent
Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0

Targets

- Target
  
  b07e0b48bc71cad112c096cba915fdb28853e2c2882c2fdb9c856c6752493216
- Size
  
  439KB
- MD5
  
  7ac3d045fabcf67626b3515daebf4e98
- SHA1
  
  7595d275aa0c8c17641065601b7d52468c214471
- SHA256
  
  b07e0b48bc71cad112c096cba915fdb28853e2c2882c2fdb9c856c6752493216
- SHA512
  
  dc74055191869eb74a2ce6a23b98f87c0b13f153eec09e7332570cd09b27d233ee57a3b50f0a7ad8d67e3f5eff04d5971822fb611c9853822dca425cf9f7d9e5
- SSDEEP
  
  6144:3FrVg9gU+57nzigO8CyekZVO9lsCtFCmsDNnEzGZK2dRt31Wh6ehSD:34q57nziZ+ekZV9UfsuzgL2Yeu
Score

10^/10

vidar zgrat 4bdee70ef97ecade3f5bde57c699bd29 rat stealer
- Detect Vidar Stealer
  stealer
- Detect ZGRat V1
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Subvert Trust Controls

1

T1553

Install Root Certificate

1

T1553.004

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Detect Vidar Stealer

Detect ZGRat V1

ZGRat

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2