vidar | b37f9988861fbdcdf6d9767818f6099a4f6773553bde2fe24c075e8405fbf869 | Triage

Submit
Reports

Overview

overview

Static

static

3

f2d4c37039...18.exe

windows7-x64

f2d4c37039...18.exe

windows10-2004-x64

Sharing

General

Target

f2d4c37039aa66843a3dab47842e7f23_JaffaCakes118
Size

735KB
Sample

240416-gl6wyscg4v
MD5

f2d4c37039aa66843a3dab47842e7f23
SHA1

38260424754ab0deb78f2a9967d95727781776bb
SHA256

b37f9988861fbdcdf6d9767818f6099a4f6773553bde2fe24c075e8405fbf869
SHA512

bfcfeb2dcf9b21fad3dda44fcfe293b3b6e8b2d0b5ae8fca5271172c8cf9653e88408eca41c5687c08af902c5de37334d157ca406fcf8b64dbe5138135501198
SSDEEP

12288:9GFN7CUrZoUw/JVitqCejgVXo7owxI+WaSvoIy4F+1h0gD6H29a4:u7rloUw/D8Xo7oIuRngD6H6

Score

10^/10

vidar 517 stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f2d4c37039aa66843a3dab47842e7f23_JaffaCakes118.exe

Resource

win7-20240221-en

vidar 517 stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

f2d4c37039aa66843a3dab47842e7f23_JaffaCakes118.exe

Resource

win10v2004-20240412-en

vidar 517 stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

vidar

Version

40.2

Botnet

517

C2

https://kipriauka.tumblr.com/

Attributes

profile_id
517

Targets

- Target
  
  f2d4c37039aa66843a3dab47842e7f23_JaffaCakes118
- Size
  
  735KB
- MD5
  
  f2d4c37039aa66843a3dab47842e7f23
- SHA1
  
  38260424754ab0deb78f2a9967d95727781776bb
- SHA256
  
  b37f9988861fbdcdf6d9767818f6099a4f6773553bde2fe24c075e8405fbf869
- SHA512
  
  bfcfeb2dcf9b21fad3dda44fcfe293b3b6e8b2d0b5ae8fca5271172c8cf9653e88408eca41c5687c08af902c5de37334d157ca406fcf8b64dbe5138135501198
- SSDEEP
  
  12288:9GFN7CUrZoUw/JVitqCejgVXo7owxI+WaSvoIy4F+1h0gD6H29a4:u7rloUw/D8Xo7oIuRngD6H6
Score

10^/10

vidar 517 stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

vidar517stealer

behavioral2

vidar517stealer

© 2018-2024

Terms | Privacy