vidar | b5ebaa343b2503597f1357226444b151f4e06f373fddf18e3c296cb386954b92 | Triage

Submit
Reports

Overview

overview

Static

static

3

ce81939f13...af.exe

windows7-x64

ce81939f13...af.exe

windows10-2004-x64

Sharing

General

Target

ce81939f138c0b4ed1b2e4ef76a042af
Size

731KB
Sample

240316-twh9vsge49
MD5

ce81939f138c0b4ed1b2e4ef76a042af
SHA1

ebdfc7db447d6586e5a9080d3c21403f4f5d05d8
SHA256

b5ebaa343b2503597f1357226444b151f4e06f373fddf18e3c296cb386954b92
SHA512

f4dfc766bb710f81cd5c26550819aa76371946e3e7b65d2d686c23ec5856010c5d6aa1e73cabe32320156c48a44acb3420c71d1807776f91cd755a0728e5b5d7
SSDEEP

12288:W0iRhPJwpkWfeMgimfMgXFSO96GXCeItKdwWcxSsje/AhE79OEdcTRBQ4mtmRliY:+6xW/nfMgX1J8Y6j2x78EKA4jRl

Score

10^/10

vidar 517 stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ce81939f138c0b4ed1b2e4ef76a042af.exe

Resource

win7-20240221-en

vidar 517 stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

ce81939f138c0b4ed1b2e4ef76a042af.exe

Resource

win10v2004-20240226-en

vidar 517 stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

vidar

Version

40.2

Botnet

517

C2

https://kipriauka.tumblr.com/

Attributes

profile_id
517

Targets

- Target
  
  ce81939f138c0b4ed1b2e4ef76a042af
- Size
  
  731KB
- MD5
  
  ce81939f138c0b4ed1b2e4ef76a042af
- SHA1
  
  ebdfc7db447d6586e5a9080d3c21403f4f5d05d8
- SHA256
  
  b5ebaa343b2503597f1357226444b151f4e06f373fddf18e3c296cb386954b92
- SHA512
  
  f4dfc766bb710f81cd5c26550819aa76371946e3e7b65d2d686c23ec5856010c5d6aa1e73cabe32320156c48a44acb3420c71d1807776f91cd755a0728e5b5d7
- SSDEEP
  
  12288:W0iRhPJwpkWfeMgimfMgXFSO96GXCeItKdwWcxSsje/AhE79OEdcTRBQ4mtmRliY:+6xW/nfMgX1J8Y6j2x78EKA4jRl
Score

10^/10

vidar 517 stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

vidar517stealer

behavioral2

vidar517stealer

© 2018-2024

Terms | Privacy