vidar

Resubmissions

10/05/2024, 17:54

240510-wg3q3ahg7v 1

10/05/2024, 17:46

240510-wcdalshe6v 10

Sharing

Copy URL Twitter E-mail

General

Target

https://github.com
Sample

240510-wcdalshe6v

Score

10^/10

Malware Config

Extracted

Family

vidar

Version

9.2

Botnet

90055089a554b801602b3ac265dc570c

https://steamcommunity.com/profiles/76561199677575543

https://t.me/snsb82

Attributes

profile_id_v2
90055089a554b801602b3ac265dc570c
user_agent
Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0

Targets

- Target
  
  https://github.com
Score

10^/10

vidar 90055089a554b801602b3ac265dc570c execution stealer
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Detect Vidar Stealer

Executes dropped EXE

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

urlscan1

behavioral1