vidar | 8322608c6f06c924458946685ff76fd1a4dc676e4cab3acf1312fb9ab5143bd4 | Triage

Submit
Reports

Overview

overview

Static

static

1

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

file
Size

224KB
Sample

240328-r8f9xshh85
MD5

aba4db269a810b878f86ffabb47ca06c
SHA1

d141ffdd0842ccbe7e471fd84d2dc0a64b4a954b
SHA256

8322608c6f06c924458946685ff76fd1a4dc676e4cab3acf1312fb9ab5143bd4
SHA512

8dc43e4375180340bf78701aed48d4c9ace51d3a02d461ed9af9245407d01e5ad51e8408b819a396bf57c50dc5bd94caf60f6beae4f1cfba7beefcca893b370d
SSDEEP

3072:fx/loYA7RGHfvz9Qd8TSh3e0gc2Fk798FoCLP/SFpn4B9MgVCNu2WxyhvXED:pLA7MzSd3e0gcmg4oaW4Xdxym

Score

10^/10

vidar debff3f4f38e9beeaf8e215a762c8549 stealer

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20240221-en

vidar debff3f4f38e9beeaf8e215a762c8549 stealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20240226-en

vidar debff3f4f38e9beeaf8e215a762c8549 stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

vidar

Version

8.6

Botnet

debff3f4f38e9beeaf8e215a762c8549

C2

https://steamcommunity.com/profiles/76561199658817715

https://t.me/sa9ok

Attributes

profile_id_v2
debff3f4f38e9beeaf8e215a762c8549
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36

Targets

- Target
  
  file
- Size
  
  224KB
- MD5
  
  aba4db269a810b878f86ffabb47ca06c
- SHA1
  
  d141ffdd0842ccbe7e471fd84d2dc0a64b4a954b
- SHA256
  
  8322608c6f06c924458946685ff76fd1a4dc676e4cab3acf1312fb9ab5143bd4
- SHA512
  
  8dc43e4375180340bf78701aed48d4c9ace51d3a02d461ed9af9245407d01e5ad51e8408b819a396bf57c50dc5bd94caf60f6beae4f1cfba7beefcca893b370d
- SSDEEP
  
  3072:fx/loYA7RGHfvz9Qd8TSh3e0gc2Fk798FoCLP/SFpn4B9MgVCNu2WxyhvXED:pLA7MzSd3e0gcmg4oaW4Xdxym
Score

10^/10

vidar debff3f4f38e9beeaf8e215a762c8549 stealer
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

vidardebff3f4f38e9beeaf8e215a762c8549stealer

behavioral2

vidardebff3f4f38e9beeaf8e215a762c8549stealer

© 2018-2025

Terms | Privacy