vidar | b9220e18f15660f7649d01f17b9b787982442067449c0f27fce621f365b91edd | Triage

Submit
Reports

Overview

overview

Static

static

1

b9220e18f1...dd.exe

windows7-x64

3

b9220e18f1...dd.exe

windows10-2004-x64

Sharing

General

Target

b9220e18f15660f7649d01f17b9b787982442067449c0f27fce621f365b91edd.exe
Size

278KB
Sample

240328-c156radc2v
MD5

b6bbb03b84e589433f139d88ca24c62d
SHA1

2eeeed07176de200eaf5bc207852781ddc5da2b5
SHA256

b9220e18f15660f7649d01f17b9b787982442067449c0f27fce621f365b91edd
SHA512

09075709691b8fba668184b2469c5bdc7174bcb3e16de2d046bf7abff6257f941e36d2a28db2e42b88807e1ba3c15165875fb82485c621d60f9001bed62ee4de
SSDEEP

6144:5ok6GPg9b2t0eQnQqRRtf3G82ed6JcVsk:5D6GPg9b2t5+jRtfJdJB

Score

10^/10

vidar debff3f4f38e9beeaf8e215a762c8549 stealer

Static task

static1

Behavioral task

behavioral1

Sample

b9220e18f15660f7649d01f17b9b787982442067449c0f27fce621f365b91edd.exe

Resource

win7-20240221-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

b9220e18f15660f7649d01f17b9b787982442067449c0f27fce621f365b91edd.exe

Resource

win10v2004-20240226-en

vidar debff3f4f38e9beeaf8e215a762c8549 stealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

vidar

Version

8.6

Botnet

debff3f4f38e9beeaf8e215a762c8549

C2

https://steamcommunity.com/profiles/76561199658817715

https://t.me/sa9ok

Attributes

profile_id_v2
debff3f4f38e9beeaf8e215a762c8549
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36

Targets

- Target
  
  b9220e18f15660f7649d01f17b9b787982442067449c0f27fce621f365b91edd.exe
- Size
  
  278KB
- MD5
  
  b6bbb03b84e589433f139d88ca24c62d
- SHA1
  
  2eeeed07176de200eaf5bc207852781ddc5da2b5
- SHA256
  
  b9220e18f15660f7649d01f17b9b787982442067449c0f27fce621f365b91edd
- SHA512
  
  09075709691b8fba668184b2469c5bdc7174bcb3e16de2d046bf7abff6257f941e36d2a28db2e42b88807e1ba3c15165875fb82485c621d60f9001bed62ee4de
- SSDEEP
  
  6144:5ok6GPg9b2t0eQnQqRRtf3G82ed6JcVsk:5D6GPg9b2t5+jRtfJdJB
Score

10^/10

vidar debff3f4f38e9beeaf8e215a762c8549 stealer
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Detects Windows executables referencing non-Windows User-Agents
- Detects binaries and memory artifacts referencing sandbox DLLs typically observed in sandbox evasion
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

vidardebff3f4f38e9beeaf8e215a762c8549stealer

© 2018-2025

Terms | Privacy