vidar | 96e9948b37188d0c48723879819dd61e7a50394e6f789a278be7ade26bb0df40 | Triage

Submit
Reports

Overview

overview

Static

static

3

f1c61308ec...18.exe

windows7-x64

f1c61308ec...18.exe

windows10-2004-x64

Sharing

General

Target

f1c61308ec715bd60e85528da059b067_JaffaCakes118
Size

694KB
Sample

240415-yekhtaed86
MD5

f1c61308ec715bd60e85528da059b067
SHA1

563c6c64c8a51782f3d25be04742d7237303f061
SHA256

96e9948b37188d0c48723879819dd61e7a50394e6f789a278be7ade26bb0df40
SHA512

4567fe9bba0f3a4c6da6783c169fd5fca85f6940e625499d52644ea0256068bbaaa8947fd72bb72c93648cac47a53df06b81393b4e7ed7495f04fc86d1fe7009
SSDEEP

12288:tDR6zb2IAbh0dthDOUuPWLaZlAAMkthS+dhaPTOOybiYE28hnvk5n:Gv2bbhiDOUXLanokpbaPT0biK8hs5n

Score

10^/10

vidar 517 stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f1c61308ec715bd60e85528da059b067_JaffaCakes118.exe

Resource

win7-20240221-en

vidar 517 stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

f1c61308ec715bd60e85528da059b067_JaffaCakes118.exe

Resource

win10v2004-20240226-en

vidar 517 stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

vidar

Version

40

Botnet

517

C2

https://lenak513.tumblr.com/

Attributes

profile_id
517

Targets

- Target
  
  f1c61308ec715bd60e85528da059b067_JaffaCakes118
- Size
  
  694KB
- MD5
  
  f1c61308ec715bd60e85528da059b067
- SHA1
  
  563c6c64c8a51782f3d25be04742d7237303f061
- SHA256
  
  96e9948b37188d0c48723879819dd61e7a50394e6f789a278be7ade26bb0df40
- SHA512
  
  4567fe9bba0f3a4c6da6783c169fd5fca85f6940e625499d52644ea0256068bbaaa8947fd72bb72c93648cac47a53df06b81393b4e7ed7495f04fc86d1fe7009
- SSDEEP
  
  12288:tDR6zb2IAbh0dthDOUuPWLaZlAAMkthS+dhaPTOOybiYE28hnvk5n:Gv2bbhiDOUXLanokpbaPT0biK8hs5n
Score

10^/10

vidar 517 stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

vidar517stealer

behavioral2

vidar517stealer

© 2018-2024

Terms | Privacy