vidar | f354a8a36858de0b24051590ecb10effd9acd799cb63c1c69666780c7a6c9f06 | Triage

Submit
Reports

Overview

overview

Static

static

1

7c22cd6ae7...ab.exe

windows7-x64

7c22cd6ae7...ab.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

f354a8a36858de0b24051590ecb10effd9acd799cb63c1c69666780c7a6c9f06
Size

239KB
Sample

240417-qqjrnahe22
MD5

2aaec13b39dbb97eb91f12158220505a
SHA1

3832a37c98794fe102715d216220ea97d2c46519
SHA256

f354a8a36858de0b24051590ecb10effd9acd799cb63c1c69666780c7a6c9f06
SHA512

b28cbe95ef4fd99d9c88b17eb4b2e9b587504311e9a5b813ddf0d32a0447cf16babda725d53bedd2e06d5939718c689a57981198bf5efcf03b89dcd4ad29e299
SSDEEP

6144:YgleFHRhUcVDl2hLZQrH+DDGhJsTVTHwPwX:YgleWcHanGhuVTHP

Score

10^/10

vidar 4cf8d799a3641f9821e54be56c960e28 stealer

Static task

static1

Behavioral task

behavioral1

Sample

7c22cd6ae7ec51834e36037722d64796c6c59a51b5f3dcd51faf5147aff650ab.exe

Resource

win7-20240220-en

vidar 4cf8d799a3641f9821e54be56c960e28 stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

7c22cd6ae7ec51834e36037722d64796c6c59a51b5f3dcd51faf5147aff650ab.exe

Resource

win10v2004-20240412-en

vidar 4cf8d799a3641f9821e54be56c960e28 stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

vidar

Version

8.4

Botnet

4cf8d799a3641f9821e54be56c960e28

C2

https://steamcommunity.com/profiles/76561199654112719

https://t.me/r2d0s

Attributes

profile_id_v2
4cf8d799a3641f9821e54be56c960e28
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0

Targets

- Target
  
  7c22cd6ae7ec51834e36037722d64796c6c59a51b5f3dcd51faf5147aff650ab.exe
- Size
  
  275KB
- MD5
  
  21ad0d415c592aaa62f5dda5a1e2f8a8
- SHA1
  
  598c92641b690dfc9dcc70387122b321720d324e
- SHA256
  
  7c22cd6ae7ec51834e36037722d64796c6c59a51b5f3dcd51faf5147aff650ab
- SHA512
  
  9fdd584020b12b468c8d0ec878f8a22d99db954843a7749f75de51a5d2c903ecb5d5cab7d157466a17d58c318e23ea9e611fd63929106ae0b1b595e8824e5b34
- SSDEEP
  
  6144:DStgmT/OY2XfZnXSS5fKchWSy4iwIRgqxVPVQGbl5BL:DStgmCZCSZWSy4iwkzPP3BL
Score

10^/10

vidar 4cf8d799a3641f9821e54be56c960e28 stealer
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

vidar4cf8d799a3641f9821e54be56c960e28stealer

behavioral2

vidar4cf8d799a3641f9821e54be56c960e28stealer

© 2018-2025

Terms | Privacy