vidar | 9ce8c75892fbdc4793558467d98e05b17459cdce4078b0fb7c270495d195d747 | Triage

Submit
Reports

Overview

overview

Static

static

3

9ce8c75892...47.exe

windows7-x64

1

9ce8c75892...47.exe

windows10-2004-x64

Sharing

General

Target

9ce8c75892fbdc4793558467d98e05b17459cdce4078b0fb7c270495d195d747.exe
Size

422KB
Sample

240428-b6me6add75
MD5

03750d84804cd05a1e7366dd52e67f71
SHA1

c64e12d70a131e168d54e4074c3a11668779381d
SHA256

9ce8c75892fbdc4793558467d98e05b17459cdce4078b0fb7c270495d195d747
SHA512

bcffeebef54e05fac8b7ef3c8d491a686c8de0f5a00f8bf94f9486fb5091e1a916bc491256bf58a6751f9d128c4d9148bad97a3d459976862f26104d6988e4f7
SSDEEP

6144:29KDb7RpkvFCCTnOPivspTpwlHe6EiZ1gFrzTt8ceX7seXztApIvejJXcxQC:zb7RpkMCsppwlRgFXG9XdtOp5ciC

Score

10^/10

vidar stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9ce8c75892fbdc4793558467d98e05b17459cdce4078b0fb7c270495d195d747.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

9ce8c75892fbdc4793558467d98e05b17459cdce4078b0fb7c270495d195d747.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

vidar

C2

https://steamcommunity.com/profiles/76561199677575543

https://t.me/snsb82

Attributes

user_agent
Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0

Targets

- Target
  
  9ce8c75892fbdc4793558467d98e05b17459cdce4078b0fb7c270495d195d747.exe
- Size
  
  422KB
- MD5
  
  03750d84804cd05a1e7366dd52e67f71
- SHA1
  
  c64e12d70a131e168d54e4074c3a11668779381d
- SHA256
  
  9ce8c75892fbdc4793558467d98e05b17459cdce4078b0fb7c270495d195d747
- SHA512
  
  bcffeebef54e05fac8b7ef3c8d491a686c8de0f5a00f8bf94f9486fb5091e1a916bc491256bf58a6751f9d128c4d9148bad97a3d459976862f26104d6988e4f7
- SSDEEP
  
  6144:29KDb7RpkvFCCTnOPivspTpwlHe6EiZ1gFrzTt8ceX7seXztApIvejJXcxQC:zb7RpkMCsppwlRgFXG9XdtOp5ciC
Score

10^/10

vidar stealer
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Detects binaries and memory artifacts referencing sandbox DLLs typically observed in sandbox evasion
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy