vidar | a4b05d52ea75d56b2e6ba0a153eb638290b546a86e5702b6ab1a15243a1e25a7 | Triage

Submit
Reports

Overview

overview

Static

static

3

Inchr_StEx....1.rar

windows10-2004-x64

Inchr_StEx....1.rar

windows11-21h2-x64

3

Resubmissions

03-04-2024 19:54

240403-ymwwtabd88 10

29-03-2024 17:27

240329-v1sjrsde91 10

Sharing

General

Target

Inchr_StExta_Itst_v.3.1.rar
Size

102.1MB
Sample

240329-v1sjrsde91
MD5

b35a8f49f22ba7206fad6526ac34f676
SHA1

6a891561a94655ae415b588104e62e5b0bb4d56f
SHA256

a4b05d52ea75d56b2e6ba0a153eb638290b546a86e5702b6ab1a15243a1e25a7
SHA512

e9713bd82429611fd5799470a5e19defa09d960d336245733f38f08b4dbbbc67b6b7fa4a6a09a8885c0ac3f6605e82675ca8deee2103f85ee0782c44c6daaf0e
SSDEEP

3145728:okTYasCFkAhweVB8SWh/s1ncJVn+t6Y7MREum8ySR1F:zkAhwjSWRCc/+t6EMRMBSR1F

Score

10^/10

vidar cd7c97cce7ba52cbbfd2d03e0a6f87c3 stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Inchr_StExta_Itst_v.3.1.rar

Resource

win10v2004-20240226-en

vidar cd7c97cce7ba52cbbfd2d03e0a6f87c3 stealer

windows10-2004-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

Inchr_StExta_Itst_v.3.1.rar

Resource

win11-20240319-en

windows11-21h2-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

vidar

Version

8.6

Botnet

cd7c97cce7ba52cbbfd2d03e0a6f87c3

C2

https://steamcommunity.com/profiles/76561199658817715

https://t.me/sa9ok

Attributes

profile_id_v2
cd7c97cce7ba52cbbfd2d03e0a6f87c3
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36

Targets

- Target
  
  Inchr_StExta_Itst_v.3.1.rar
- Size
  
  102.1MB
- MD5
  
  b35a8f49f22ba7206fad6526ac34f676
- SHA1
  
  6a891561a94655ae415b588104e62e5b0bb4d56f
- SHA256
  
  a4b05d52ea75d56b2e6ba0a153eb638290b546a86e5702b6ab1a15243a1e25a7
- SHA512
  
  e9713bd82429611fd5799470a5e19defa09d960d336245733f38f08b4dbbbc67b6b7fa4a6a09a8885c0ac3f6605e82675ca8deee2103f85ee0782c44c6daaf0e
- SSDEEP
  
  3145728:okTYasCFkAhweVB8SWh/s1ncJVn+t6Y7MREum8ySR1F:zkAhwjSWRCc/+t6EMRMBSR1F
Score

10^/10

vidar cd7c97cce7ba52cbbfd2d03e0a6f87c3 stealer
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidarcd7c97cce7ba52cbbfd2d03e0a6f87c3stealer

behavioral2

© 2018-2025

Terms | Privacy