vidar | cdd1ac2ccf205bcc0e8fecb0b117b809fcade0fcc0eba5f6b85a5dfc88443344 | Triage

Submit
Reports

Overview

overview

Static

static

3

5e968b323d...18.exe

windows7-x64

5e968b323d...18.exe

windows10-2004-x64

Sharing

General

Target

5e968b323d6dc7777a4eb797c8b99ac1_JaffaCakes118
Size

1.1MB
Sample

240331-1br5lacf8s
MD5

5e968b323d6dc7777a4eb797c8b99ac1
SHA1

c427a514f70410dba47e5799f23bd511ce39ec14
SHA256

cdd1ac2ccf205bcc0e8fecb0b117b809fcade0fcc0eba5f6b85a5dfc88443344
SHA512

fb17586b212cfc95f0ddddda81530e3ca79c47ff5545889b77ffa8b1a555319958bf5f310a9fd8efaa23cae29cc6caaf6b1a3dc5fac8bf87249b2b2be4b74616
SSDEEP

24576:XWu5DVqymRic1W4c2vRMILLwStCOrMA0/lCrtvti:XWu7s1WDrOsStCfA0Itv

Score

10^/10

vidar 921 stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5e968b323d6dc7777a4eb797c8b99ac1_JaffaCakes118.exe

Resource

win7-20240215-en

vidar 921 stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

5e968b323d6dc7777a4eb797c8b99ac1_JaffaCakes118.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

vidar

Version

41.3

Botnet

921

C2

https://mas.to/@oleg98

Attributes

profile_id
921

Targets

- Target
  
  5e968b323d6dc7777a4eb797c8b99ac1_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  5e968b323d6dc7777a4eb797c8b99ac1
- SHA1
  
  c427a514f70410dba47e5799f23bd511ce39ec14
- SHA256
  
  cdd1ac2ccf205bcc0e8fecb0b117b809fcade0fcc0eba5f6b85a5dfc88443344
- SHA512
  
  fb17586b212cfc95f0ddddda81530e3ca79c47ff5545889b77ffa8b1a555319958bf5f310a9fd8efaa23cae29cc6caaf6b1a3dc5fac8bf87249b2b2be4b74616
- SSDEEP
  
  24576:XWu5DVqymRic1W4c2vRMILLwStCOrMA0/lCrtvti:XWu7s1WDrOsStCfA0Itv
Score

10^/10

vidar 921 stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

vidar921stealer

behavioral2

© 2018-2024

Terms | Privacy