vidar | e099e6405a012b8f164433bee4439eda51fe4e6d52eb9085b5b12133058ba578 | Triage

Submit
Reports

Overview

overview

Static

static

3

9f619f332a...b0.exe

windows7-x64

9f619f332a...b0.exe

windows10-2004-x64

Sharing

General

Target

e099e6405a012b8f164433bee4439eda51fe4e6d52eb9085b5b12133058ba578
Size

3.4MB
Sample

240909-ltrt8asbjj
MD5

529de81920791502c1e0bd9dc282775d
SHA1

430b9fae22c3563f349ede9ce6da20f9380e444c
SHA256

e099e6405a012b8f164433bee4439eda51fe4e6d52eb9085b5b12133058ba578
SHA512

58aca7d4f44f6da185b12ea7182398ca494b60898920bd4ca853f4dfa51e337a290c5df4673fd04e864724d396d546ecf17d3912b5e26b8394c506ff27e29aa4
SSDEEP

98304:pAQkbCpgM9L/6VF60Q03oG+lULH2jksUbA9En1k/3Fp:pKAGaqLWjSbWGCvFp

Score

10^/10

vidar credential_access discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9f619f332a9e5bd74a345778e86a871e9efb087bfea43ade7cbf9f63a12151b0.exe

Resource

win7-20240903-en

vidar credential_access discovery stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

9f619f332a9e5bd74a345778e86a871e9efb087bfea43ade7cbf9f63a12151b0.exe

Resource

win10v2004-20240802-en

vidar credential_access discovery stealer

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

vidar

C2

https://t.me/s41l0

https://steamcommunity.com/profiles/76561199743486170

Attributes

user_agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 YaBrowser/24.6.0.0 Safari/537.36

Targets

- Target
  
  9f619f332a9e5bd74a345778e86a871e9efb087bfea43ade7cbf9f63a12151b0.exe
- Size
  
  4.7MB
- MD5
  
  8e5286e3caa11c78e275892a38f2e772
- SHA1
  
  ddada2f646640b394c04e7166db04200d226281b
- SHA256
  
  9f619f332a9e5bd74a345778e86a871e9efb087bfea43ade7cbf9f63a12151b0
- SHA512
  
  4f180892333915a52f5e2ee7a69d0ba628ed3d6c6425e2ba4b41f0ed5a06898b25bc0a0432dc6372add0c811b16e74d636a6466ba64fd9ccc34a93e900b5f5ce
- SSDEEP
  
  98304:2t9Kw5Ea4QR/YUxIUnnxIMSsDPUCfCxg+6hUNLindy:mkw6ER/YUZnxIw8ICxvoQcdy
Score

10^/10

vidar credential_access discovery stealer
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Unsecured Credentials: Credentials In Files
  Steal credentials from unsecured files.
  credential_access stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidarcredential_accessdiscoverystealer

behavioral2

vidarcredential_accessdiscoverystealer

© 2018-2025

Terms | Privacy