vidar

General

Target

cd53d2bae5ec8268dfe72cdea2f284d4a4d99a8a6714d18d89dd25119921ec6a
Size

208KB
Sample

240417-qnc64aah2w
MD5

1a2a6c838cb1cfe7d377108a5b84d238
SHA1

017c35eb15807f02659335df49f53ffd4100a1c5
SHA256

cd53d2bae5ec8268dfe72cdea2f284d4a4d99a8a6714d18d89dd25119921ec6a
SHA512

0fb779aa44920e038c9f82b0e4d41558e2e918b0b535ea34d08a5376f5d9da80ef2f9af546a637222852d0ca4d87add34504e68c38eb66d24b8f8d16671c0fa7
SSDEEP

6144:8zpmfEWWyd5XT1KrcASpMHp0CaSPRbzp6m:nIydCrjSGCPe5

Score

10^/10

Malware Config

Extracted

Family

vidar

Version

8.5

Botnet

e1d2225c9e4727fe2818a17924d7e065

C2

https://steamcommunity.com/profiles/76561199658817715

https://t.me/sa9ok

Attributes

profile_id_v2
e1d2225c9e4727fe2818a17924d7e065
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36

Targets

- Target
  
  5230c370cbdb95a2f4a30e70b7ac6a857af81c9498ef473704778fe86e6dbe1e.exe
- Size
  
  224KB
- MD5
  
  769c8ad3f187882a49cda5d26103730c
- SHA1
  
  dae972d44336ffbb28509eabe946e83972166502
- SHA256
  
  5230c370cbdb95a2f4a30e70b7ac6a857af81c9498ef473704778fe86e6dbe1e
- SHA512
  
  08a5f80741ea4b0325efe15ad69feb44f4ea1a8ace70f072109f4ec19ad4bc56185aa5f3f734b03906ad3691f9cae43aea3a4ba88e507f97a753e11ca913669c
- SSDEEP
  
  3072:Q52Gig7F8wUC1mK2iKkb8YxhX7EQXdeBvR/P4ieqSgvBEn/zcAGqxp6qUDbKSB/:sdF8l9sKqHbYQU/BSg5En/zqq/6qU/
Score

10^/10

vidar e1d2225c9e4727fe2818a17924d7e065 stealer
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Subvert Trust Controls

1

T1553

Install Root Certificate

1

T1553.004

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Detect Vidar Stealer

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2