vidar | c7cd9c0bfb7ad72cc4270690f8bb73535357e89845749ce19233d8d7d64cd47d | Triage

Submit
Reports

Overview

overview

Static

static

1

c7cd9c0bfb...7d.exe

windows7-x64

c7cd9c0bfb...7d.exe

windows10-2004-x64

Sharing

General

Target

c7cd9c0bfb7ad72cc4270690f8bb73535357e89845749ce19233d8d7d64cd47d.exe
Size

370KB
Sample

240424-caj6laea54
MD5

000b0ccd732870ed3d6d23a39d698257
SHA1

d58d41c38af66d3d369235ffeef7e3e67c0cbf4a
SHA256

c7cd9c0bfb7ad72cc4270690f8bb73535357e89845749ce19233d8d7d64cd47d
SHA512

68258b9a2d794097779b1c76e6e3ecbab436892fcaa7972f578b04a4d87b6e5a7e856c8ca38098037e36cc28941d3b7ef7b0b954efb2f2fa18a976b94661cc3e
SSDEEP

6144:fnB0EVY3RLUCv4SmZKME0nEHhZYzdIE0AFMhbcJ83gX1DaaxV7z0pyRHlK46bewb:fB0EVCbmZKMERHhWImy68EWaP0pyRFKD

Score

10^/10

vidar stealer

Static task

static1

Behavioral task

behavioral1

Sample

c7cd9c0bfb7ad72cc4270690f8bb73535357e89845749ce19233d8d7d64cd47d.exe

Resource

win7-20240221-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

c7cd9c0bfb7ad72cc4270690f8bb73535357e89845749ce19233d8d7d64cd47d.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

vidar

C2

https://steamcommunity.com/profiles/76561199673019888

https://t.me/irfail

Attributes

user_agent
Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0

Targets

- Target
  
  c7cd9c0bfb7ad72cc4270690f8bb73535357e89845749ce19233d8d7d64cd47d.exe
- Size
  
  370KB
- MD5
  
  000b0ccd732870ed3d6d23a39d698257
- SHA1
  
  d58d41c38af66d3d369235ffeef7e3e67c0cbf4a
- SHA256
  
  c7cd9c0bfb7ad72cc4270690f8bb73535357e89845749ce19233d8d7d64cd47d
- SHA512
  
  68258b9a2d794097779b1c76e6e3ecbab436892fcaa7972f578b04a4d87b6e5a7e856c8ca38098037e36cc28941d3b7ef7b0b954efb2f2fa18a976b94661cc3e
- SSDEEP
  
  6144:fnB0EVY3RLUCv4SmZKME0nEHhZYzdIE0AFMhbcJ83gX1DaaxV7z0pyRHlK46bewb:fB0EVCbmZKMERHhWImy68EWaP0pyRFKD
Score

10^/10

vidar stealer
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Detects binaries and memory artifacts referencing sandbox DLLs typically observed in sandbox evasion
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy