vidar | bdb4de405fc1d79dec0e1f38803c4a35fd4b8ffe0c3400abdbf6794fcb1ed17f | Triage

Submit
Reports

Overview

overview

Static

static

3

bdb4de405f...7f.exe

windows7-x64

bdb4de405f...7f.exe

windows10-2004-x64

Sharing

General

Target

bdb4de405fc1d79dec0e1f38803c4a35fd4b8ffe0c3400abdbf6794fcb1ed17f
Size

3.2MB
Sample

240424-y7wrjsha88
MD5

a1867d7dd3f7bee96dde767ad9f30c1a
SHA1

0c36e7a1438426732da44709b4204e5dd22413bc
SHA256

bdb4de405fc1d79dec0e1f38803c4a35fd4b8ffe0c3400abdbf6794fcb1ed17f
SHA512

00b5b11ce0d1cbbbc79b9561fe2837ba3d1de9ec5bdb341bf6946cfff989102f38143501b20c6eac8de0aac553814f969054c61a0f152d463c3cd9ce0dcd36a9
SSDEEP

3072:q1R5mgVvk69aAZPN3t/CidSgKo0gll2RpBS9R/+wlec4S:E8gVvk69aAZPZtKm0gl0R/S9U3u

Score

10^/10

vidar 5365a42f8d7825856b7557059fcbe256 stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

bdb4de405fc1d79dec0e1f38803c4a35fd4b8ffe0c3400abdbf6794fcb1ed17f.exe

Resource

win7-20240221-en

vidar 5365a42f8d7825856b7557059fcbe256 stealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

bdb4de405fc1d79dec0e1f38803c4a35fd4b8ffe0c3400abdbf6794fcb1ed17f.exe

Resource

win10v2004-20240412-en

vidar 5365a42f8d7825856b7557059fcbe256 stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

vidar

Version

7.9

Botnet

5365a42f8d7825856b7557059fcbe256

C2

https://t.me/hypergog

https://steamcommunity.com/profiles/76561199642171824

Attributes

profile_id_v2
5365a42f8d7825856b7557059fcbe256
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Targets

- Target
  
  bdb4de405fc1d79dec0e1f38803c4a35fd4b8ffe0c3400abdbf6794fcb1ed17f
- Size
  
  3.2MB
- MD5
  
  a1867d7dd3f7bee96dde767ad9f30c1a
- SHA1
  
  0c36e7a1438426732da44709b4204e5dd22413bc
- SHA256
  
  bdb4de405fc1d79dec0e1f38803c4a35fd4b8ffe0c3400abdbf6794fcb1ed17f
- SHA512
  
  00b5b11ce0d1cbbbc79b9561fe2837ba3d1de9ec5bdb341bf6946cfff989102f38143501b20c6eac8de0aac553814f969054c61a0f152d463c3cd9ce0dcd36a9
- SSDEEP
  
  3072:q1R5mgVvk69aAZPN3t/CidSgKo0gll2RpBS9R/+wlec4S:E8gVvk69aAZPZtKm0gl0R/S9U3u
Score

10^/10

vidar 5365a42f8d7825856b7557059fcbe256 stealer
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Detects Windows executables referencing non-Windows User-Agents
- Detects binaries and memory artifacts referencing sandbox DLLs typically observed in sandbox evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

vidar5365a42f8d7825856b7557059fcbe256stealer

behavioral2

vidar5365a42f8d7825856b7557059fcbe256stealer

© 2018-2024

Terms | Privacy